The Blaster Worm: Then And Now

Michael Bailey, Evan Cooke, Farnam Jahanian, David Watson, University of Michigan, Ann Arbor, MI
Jose Nazario, Arbor Networks, Ann Arbor, MI
Published in July/August 2005 Issue of IEEE S&P Magazine


(C)2005 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.


In August of 2003 the Blaster worm struck the Internet, infecting at least 100,000 Microsoft Windows systems and causing millions of dollars in damages. In spite of considerable cleanup efforts, an antiworm aimed at patching systems, and a widely downloaded clean-up tool from Microsoft, the worm is still very much alive. In this article we describe observations of the Blaster worm from its onset in 2003 to its continued persistence a year later.

Galley Proof Download (PDF)

Here's a copy of the paper in galley proof format. It contains a few errors (ie EST not GMT, some spelling errors), but is otherwise very close to the published version.

The Blaster Worm: Then And Now [PDF]

Citation: Michael Bailey, Evan Cooke, Farnam Jahanian, David Watson, Jose Nazario. "The Blaster Worm: Then and Now," IEEE Security and Privacy, vol. 03, no. 4, pp. 26-31, July/August 2005.