• DocumentCode
    1490313
  • Title

    Is early warning of an imminent worm epidemic possible?

  • Author

    Park, Hyundo ; Kim, Hyogon ; Lee, Heejo

  • Author_Institution
    Korea Univ., Seoul, South Korea
  • Volume
    23
  • Issue
    5
  • fYear
    2009
  • fDate
    9/1/2009 12:00:00 AM
  • Firstpage
    14
  • Lastpage
    20
  • Abstract
    This article introduces a novel anomaly detection method that makes use of only matrix operations and is highly sensitive to randomness in traffic. The sensitivity can be leveraged to detect attacks that exude randomness in traffic characteristics, such as denial-of-service attacks and worms. In particular, we show that the method can be used to alert of the imminent onset of a worm epidemic in a statistically sound manner, irrespective of the worm's scanning strategies.
  • Keywords
    invasive software; telecommunication security; telecommunication traffic; anomaly detection method; denial-of-service attacks; imminent worm epidemic; matrix operations; scanning strategies; traffic characteristics; Alarm systems; Battery charge measurement; Computer crime; Internet; Nose; Random number generation; Telecommunication traffic; Testing;
  • fLanguage
    English
  • Journal_Title
    Network, IEEE
  • Publisher
    ieee
  • ISSN
    0890-8044
  • Type

    jour

  • DOI
    10.1109/MNET.2009.5274917
  • Filename
    5274917