Title :
Is early warning of an imminent worm epidemic possible?
Author :
Park, Hyundo ; Kim, Hyogon ; Lee, Heejo
Author_Institution :
Korea Univ., Seoul, South Korea
fDate :
9/1/2009 12:00:00 AM
Abstract :
This article introduces a novel anomaly detection method that makes use of only matrix operations and is highly sensitive to randomness in traffic. The sensitivity can be leveraged to detect attacks that exude randomness in traffic characteristics, such as denial-of-service attacks and worms. In particular, we show that the method can be used to alert of the imminent onset of a worm epidemic in a statistically sound manner, irrespective of the worm's scanning strategies.
Keywords :
invasive software; telecommunication security; telecommunication traffic; anomaly detection method; denial-of-service attacks; imminent worm epidemic; matrix operations; scanning strategies; traffic characteristics; Alarm systems; Battery charge measurement; Computer crime; Internet; Nose; Random number generation; Telecommunication traffic; Testing;
Journal_Title :
Network, IEEE
DOI :
10.1109/MNET.2009.5274917