Detecting Internet Worms Using Data Mining Techniques

Cited by: 0
Authors
Siddiqui, Muazzam [1 ]
Wang, Morgan C. [2 ]
Lee, Joohan [3 ]
Affiliations
[1] Univ Cent Florida, Inst Simulat & Training, Orlando, FL 32816 USA
[2] Univ Cent Florida, Dept Stat & Actuarial Sci, Orlando, FL 32816 USA
[3] Univ Cent Florida, Sch Elect Engn & Comp Sci, Orlando, FL 32816 USA
Keywords
Data Mining; Worm Detection; Binary Classification; Static Analysis; Disassembly; Instruction Sequences;
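DOI
Not available
Chinese Library Classification
TM [Electrical engineering]; TN [Electronic technology, communication technology];
Discipline classification code
0808; 0809
Abstract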
Internet worms pose a serious threat to computer security. Traditional approaches using signatures to detect worms pose little danger to the zero day attacks. The focus of malware research is shifting from using signature patterns to identifying the malicious behavior displayed by the malwares. This paper presents a novel idea of extracting variable length instruction sequences that can identify worms from clean programs using data mining techniques. The analysis is facilitated by the program control flow information contained in the instruction sequences. Based upon general statistics gathered from these instruction sequences we formulated the problem as a binary classification problem and built tree based classifiers including decision tree, bagging and random forest. Our approach showed 95.6% detection rate on novel worms whose data was not used in the model building process. http://www.iiisci.org/journal/CV$/sci/pdfs/QI505RM.pdf
Pages: 129 / +
Number of pages: 3