Lemuria.org: Security


Security Papers

Simulating and optimising worm propagation algorithms
This paper describes a series of simulations run to estimate and improve upon various worm growth patterns and their corresponding propagation algorithms. It also does some simple estimates of the potential impact a malicious worm could have on the overall infrastructure.
(updated version from 9th February, 2004)

The Future of Malware
A glimpse into possible future developments, part of a workshop.

UI vs. Security
Why the problem is in front of the screen - and why it's not the user's fault.

Application-Level DRDOS Attacks (html)
Current publications on the matter of distributed reflection denial-of-service (DRDOS) attacks focus on low-level (that is, reliable), but harmless variants of the theme. This article shows a sample application of reflection DOS attack mechanisms that has a much more severe impact.

Other Publications

The soft underbelly
A foundations article about the inadequacy of perimeter-only defenses and the many weak spots inside the typical corporate network.

SELinux Talks
My presentations about Security Enhanced Linux are no longer here, as they are many years old and much of their content is now outdated and possibly misleading.

Practical Security Assessment
An article about security management and resource allocation. Published in Japan, in japanese.


Remote DoS in Mozilla 1.0 / X
A remote DoS attack against Unix-Users of Mozilla 1.0 which crashes the X server.

Back to the front page