A Failure to Learn from the Past

Las Vegas, Nevada December 08-December 12

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/CSAC.2003.1254327

19th Annual Computer Security Applica ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Eugene H. Spafford

	ASCII Text	x
	Eugene H. Spafford, "A Failure to Learn from the Past," Computer Security Applications Conference, Annual, pp. 217, 19th Annual Computer Security Applications Conference (ACSAC '03), 2003.

	BibTex	x
	@article{ 10.1109/CSAC.2003.1254327, author = {Eugene H. Spafford}, title = {A Failure to Learn from the Past}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2003}, issn = {1063-9527}, pages = {217}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.2003.1254327}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - A Failure to Learn from the Past SN - 1063-9527 SP EP A1 - Eugene H. Spafford, PY - 2003 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Eugene H. Spafford, Purdue University CERIAS

On the evening of 2 November 1988, someone "infected" the Internet with a worm program. That program exploited flaws in utility programs in systems based on BSD-derived versions of UNIX. The flaws allowed the program to break into those machines and copy itself, thus infecting those systems. This program eventually spread to thousands of machines, and disrupted normal activities and Internet connectivity for many days. It was the first major network-wide attack on computer systems, and thus was a matter of considerable interest.

This paper provides a brief chronology of both the spread and eradication of the program, a presentation about how the program worked, and details of the aftermath. That is followed by discussion of some observations of what has happened in the years since that incident. The discussion supports the title of this paper - that the community has failed to learn from the past.

Citation:

Eugene H. Spafford, "A Failure to Learn from the Past," acsac, pp.217, 19th Annual Computer Security Applications Conference (ACSAC '03), 2003

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.