J . R. Crandall, S. F. Wu, and F. T. Chong, “Experiences using Minos as a tool for capturing and analyzing novel worms for unknown vulnerabilities,” in: Proceedings of the GI SIG SIDAR Conference on Detection of Intrusions and Malware and Vulnerability Assessment, Vienna, pp. 32-50, 2005.
 J. R. Crandall, Su Zhen Dong, S. F. Wu, and F. T. Chong, “On deriving unknown vulnerabilities from Zero Day polymorphic and metamorphic worm exploits,” in: Proceedings of the ACM CCS 2005, Alexandria, Virginia, pp. 235-248, 2005.
 J. Xu, P. Ning, C. Kil, Y. Zhai, and C. Bookholt, “Automatic diagnosis and response to memory corruption vulnerabilities,” in: Proceedings of the ACM CCS 2005, Alexandria, Virginia, pp. 223-234, 2005.
 Symantec Security Response: CodeRed Worm. http://www. sarc.com/avcenter/venc/data/codered.worm.html.
 C. CAN-2003-0245. Apache apr-psprintf memory corruption vulnerability. http://www.securityfocus.com/bi-d/7723/ discussion/.
 Viruslist.com: Net-Worm. Linux. Adm. http://www.viruslist.com/en/viruses/encyclopedia?virusid=23854.
 SANS Institute: Lion worm. http://www.sans.o-rg/y2k/ lion.htm.
 R. P. Lippmann, D. J. Fried, I. Graf, et al., “Evaluating intrusion detection systems: The 1998 DARPA offline intrusion detection evaluation,” in: Proceedings of the 2000 DARPA Information Survivability Conference and Exposition, Hilton Head, SC, 2: pp. 1012-1035, 2000.