Combined Behavior- and Signature-Based Internet Worm Detection System

Cited by: 0
Authors
Altaher, Altyeb [1]
Ramadass, Sureswaran [1]
Meulenberg, Andrew [1]
Abdat, Mustafa [1]
Ali, Ammar [1]
Affiliations
[1] Univ Sains Malaysia, Natl Adv Ctr IPv6, George Town 11800, Malaysia
Keywords
Internet worm detection; behavior based worm detection; signature based worm detection; worm propagation model; worm payload;
DOI
Not available
Chinese Library Classification number
T [Industrial Technology];
Discipline classification code
08;
Abstract
The number of polymorphic and new worms on the Internet is increasing rapidly. By replicating themselves, worms cause traffic overloads in office networks and congestion of Internet links, and they hurt the affected companies by causing data loss and damage. Traditional signature-based worm detection systems fail to detect polymorphic and new, previously unseen worms. In this paper, based on an analysis of network traffic behavior, we develop the Combined Worm Detection System (CWDS) by combining signature-based worm detection and behavior-based worm detection. The CWDS uses signature-based worm detection to detect known worms, while it uses behavior-based worm detection to detect polymorphic and new worms. An experimental study on real-time network traffic and standard worm data sets is performed to test the proposed CWDS system. The experimental results demonstrate that the proposed CWDS system can detect both known and unknown worms with a high detection rate and accuracy.
Pages: 4213 - 4222
Page count: 10
Related papers
50 in total
  • [31] A survey and taxonomy of the fuzzy signature-based Intrusion Detection Systems
    Masdari, Mohammad
    Khezri, Hemn
    APPLIED SOFT COMPUTING, 2020, 92 (92)
  • [32] SigIL: A Signature-Based Approach of Malware Detection on Intermediate Language
    Fortino, Giancarlo
    Greco, Claudia
    Guzzo, Antonella
    Ianni, Michele
    COMPUTER SECURITY. ESORICS 2023 INTERNATIONAL WORKSHOPS, CPS4CIP, PT II, 2024, 14399 : 256 - 266
  • [33] An aggregated signature-based fast RFID batch detection protocol
    Li, Chaoliang
    Wang, Guojun
    Zheng, Jin
    SECURITY AND COMMUNICATION NETWORKS, 2014, 7 (09) : 1364 - 1371
  • [34] A Signature-based Assistant Random Oversampling Method for Malware Detection
    Pang, Ying
    Chen, Zhenxiang
    Peng, Lizhi
    Ma, Kun
    Zhao, Chuan
    Ji, Ke
    2019 18TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS/13TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING (TRUSTCOM/BIGDATASE 2019), 2019, : 256 - 263
  • [35] Using decision trees to improve signature-based intrusion detection
    Kruegel, C
    Toth, T
    RECENT ADVANCES IN INTRUSION DETECTION, PROCEEDINGS, 2003, 2820 : 173 - 191
  • [36] Signature-Based Detection of Notable Transitions in Numeric Data Streams
    Cherniak, Andrii
    Zadorozhny, Vladimir I.
    IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2013, 25 (12) : 2867 - 2879
  • [37] Signature-based Detection of Privilege-Escalation Attacks on Android
    Niazi, Rafay Hassan
    Waseem, Tahir
    Shamsi, Jawwad Ahmed
    Khan, Muhammad Mubashir
    2015 CONFERENCE ON INFORMATION ASSURANCE AND CYBER SECURITY (CIACS), 2015, : 44 - 49
  • [38] Signature-based multi-layer distributed intrusion detection system using mobile agents
    Uddin, M. (mueenmalik9516@gmail.com), 1600, Femto Technique Co., Ltd. (15):
  • [39] On the Detection Capabilities of Signature-Based Intrusion Detection Systems in the Context of Web Attacks
    Diaz-Verdejo, Jesus
    Munoz-Calle, Javier
    Estepa Alonso, Antonio
    Estepa Alonso, Rafael
    Madinabeitia, German
    APPLIED SCIENCES-BASEL, 2022, 12 (02):
  • [40] Worm detection and signature extraction based on communication characteristics
    Research Center of Computer Network and Information Security Technology, Harbin Institute of Technology, Harbin 150001, China
    Unknown
    Tongxin Xuebao, 2007, 12 (1-7):