Malware Detection

Volume 27 of the series Advances in Information Security pp 147-170

Sting: An End-to-End Self-Healing System for Defending against Internet Worms

  • David BrumleyAffiliated withCarnegie Mellon University
  • , James NewsomeAffiliated withCarnegie Mellon University
  • , Dawn SongAffiliated withCarnegie Mellon University

* Final gross prices may vary according to local VAT.

Get Access


We increasingly rely on highly available systems in all areas of society, from the economy, to military, to the government. Unfortunately, much software, including critical applications, contains vulnerabilities unknown at the time of deployment, with memory-overwrite vulnerabilities (such as buffer overflow and format string vulnerabilities) accounting for more than 60% of total vulnerabilities [10]. These vulnerabilities, when exploited, can cause devastating effects, such as self-propagating worm attacks which can compromise millions of vulnerable hosts within a matter of minutes or even seconds [32],[61], and cause millions of dollars of damage [30]. Therefore, we need to develop effective mechanisms to protect vulnerable hosts from being compromised and allow them to continue providing critical services, even under aggressively spreading attacks on previously unknown vulnerabilities.