DocumentCode :
120505
Title :
Efficient hybrid technique for detecting zero-day polymorphic worms
Author :
Kaur, Rupinderjit ; Singh, Monika
Author_Institution :
Comput. Sci. & Eng. Dept., Thapar Univ., Patiala, India
fYear :
2014
fDate :
21-22 Feb. 2014
Firstpage :
95
Lastpage :
100
Abstract :
This paper presents an efficient technique for detecting zero-day polymorphic worms with almost zero false positives. Zero-day polymorphic worms not only exploit unknown vulnerabilities but also change their own representations on each new infection or encrypt their payloads using a different key per infection. Thus, there are many variations in the signatures for the same worm, making fingerprinting very difficult. With their ability to propagate rapidly, these worms increasingly threaten Internet hosts and services. If these zero-day worms are not detected and contained at the right time, they can potentially disable the Internet or wreak serious havoc. So the detection of zero-day polymorphic worms is of paramount importance.
Keywords :
Internet; cryptography; digital signatures; invasive software; Internet hosts; encryption; fingerprinting; hybrid technique; signatures; unknown vulnerabilities; zero false positives; zero-day polymorphic worm detection; Algorithm design and analysis; Grippers; Internet; Malware; Payloads; Registers; Sensors; Zero-day attack; hybrid system; intrusion detection; polymorphic worm;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Advance Computing Conference (IACC), 2014 IEEE International
Conference_Location :
Gurgaon
Print_ISBN :
978-1-4799-2571-1
Type :
conf
DOI :
10.1109/IAdCC.2014.6779301
Filename :
6779301