Warhol worm
Encyclopedia
A Warhol worm is an extremely rapidly propagating computer worm
that spreads as fast as physically possible, infecting all vulnerable machines on the entire Internet
in 15 minutes or less. The term is based on Andy Warhol
's remark that "In the future, everyone will have 15 minutes of fame". The analysis was extended by Stuart Staniford to create the flash worm concept. More information on these concepts is in "How to 0wn the Internet in your Spare Time" by Staniford, Paxson, and Weaver (appeared in Usenix Security 2002).
The SQL Slammer worm was the first observed example of a Warhol worm. The mechanism of SQL Slammer's spread used a pseudo-random number generator seeded from a system variable to determine which IP address
es to attack next. In spite of deficiencies in its implementation, the randomized attack was highly effective.
According to a CAIDA
-coordinated analysis of the SQL Slammer outbreak, its growth followed an exponential curve
with a doubling time of 8.5 seconds in the early phases of the attack, which was only slowed by the collapse of many networks because of the denial of service caused by SQL Slammer's traffic. 90% of all vulnerable machines were infected within 10 minutes, showing that the original estimate for infection speed was roughly correct.
Computer worm
A computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach...
that spreads as fast as physically possible, infecting all vulnerable machines on the entire Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
in 15 minutes or less. The term is based on Andy Warhol
Andy Warhol
Andrew Warhola , known as Andy Warhol, was an American painter, printmaker, and filmmaker who was a leading figure in the visual art movement known as pop art...
's remark that "In the future, everyone will have 15 minutes of fame". The analysis was extended by Stuart Staniford to create the flash worm concept. More information on these concepts is in "How to 0wn the Internet in your Spare Time" by Staniford, Paxson, and Weaver (appeared in Usenix Security 2002).
The SQL Slammer worm was the first observed example of a Warhol worm. The mechanism of SQL Slammer's spread used a pseudo-random number generator seeded from a system variable to determine which IP address
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
es to attack next. In spite of deficiencies in its implementation, the randomized attack was highly effective.
According to a CAIDA
Cooperative Association for Internet Data Analysis
The Cooperative Association for Internet Data Analysis is a collaborative undertaking among organizations in the commercial, government, and research sectors aimed at promoting greater cooperation in the engineering and maintenance of a robust, scalable global Internet infrastructure. CAIDA...
-coordinated analysis of the SQL Slammer outbreak, its growth followed an exponential curve
Exponential growth
Exponential growth occurs when the growth rate of a mathematical function is proportional to the function's current value...
with a doubling time of 8.5 seconds in the early phases of the attack, which was only slowed by the collapse of many networks because of the denial of service caused by SQL Slammer's traffic. 90% of all vulnerable machines were infected within 10 minutes, showing that the original estimate for infection speed was roughly correct.
External links
- Warhol Worms: The Potential for Very Fast Internet Plagues by Nicholas C. Weaver
- report of CAIDA-coordinated study of SQL Slammer/Sapphire
- "How to 0wn the Internet in your Spare Time", Staniford, Paxson, Weaver. Usenix Security 2002.
- Cross Site Scripting Warhol Worm