||This article includes a list of references, related reading or external links, but its sources remain unclear because it lacks inline citations. (March 2010) (Learn how and when to remove this template message)|
A Warhol worm is an extremely rapidly propagating computer worm that spreads as fast as physically possible, infecting all vulnerable machines on the entire Internet in 15 minutes or less. The term is based on Andy Warhol's remark that "In the future, everyone will have 15 minutes of fame". The analysis was extended by Stuart Staniford to create the flash worm concept. More information on these concepts is in "How to 0wn the Internet in your Spare Time" by Staniford, Paxson, and Weaver (appeared in Usenix Security 2002).
In 2003, SQL Slammer became the first observed example of a Warhol worm. The mechanism of SQL Slammer's spread used a pseudo-random number generator seeded from a system variable to determine which IP addresses to attack next. In spite of deficiencies in its implementation, the randomized attack was highly effective.
According to a CAIDA-coordinated analysis of the SQL Slammer outbreak, its growth followed an exponential curve with a doubling time of 8.5 seconds in the early phases of the attack, which was only slowed by the collapse of many networks because of the denial of service caused by SQL Slammer's traffic. 90% of all vulnerable machines were infected within 10 minutes, showing that the original estimate for infection speed was roughly correct.
- Warhol Worms: The Potential for Very Fast Internet Plagues by Nicholas C. Weaver
- report of CAIDA-coordinated study of SQL Slammer/Sapphire
- "How to 0wn the Internet in your Spare Time", Staniford, Paxson, Weaver. Usenix Security 2002.
- Cross Site Scripting Warhol Worm
|This malware-related article is a stub. You can help Wikipedia by expanding it.|