1. Introduction
As we currently approach one billion Internet users [14], more and more cyber criminals join in and misuse this worldwide network by setting free malicious worm code that infects hosts and aggressively spreads over the network. Surprisingly, many large operators of Internet backbones still do not see enough incentives for deploying security elements and for analysing their network traffic proactively in near real-time for new massive security incidents like worm outbreaks. Security in the Internet is mostly regarded as being the duty of the network users that should protect their end systems by a firewall and a virus scanner.