Title :
Behavior-Based Worm Detection and Signature Generation
Author :
Yao, Yu ; Lv, Junwei ; Gao, Fuxiang ; Zhang, Yanfang ; Yu, Ge
Author_Institution :
Sch. of Inf. Sci. & Eng., Kunming
Abstract :
High efficient and real-time characteristic of the signature-based approach guarantee the early detection of most known worms; while behavior-based approach searches for communication pattern of worms in accordance with their behavioral characteristics that are different from normal network traffic. To improve the detection rate and accuracy, two detection algorithms for diffuse type communication pattern and chain communication pattern and distributed detection architecture are proposed. Through analysis on detection result, the detection approach presented here can realize detection of both known and unknown worms with a high detection rate and accuracy.
Keywords :
digital signatures; invasive software; behavior-based worm detection; network traffic; signature generation; Character generation; Computer networks; Computer worms; Detection algorithms; Information science; Intrusion detection; Payloads; Protocols; Telecommunication traffic; Traffic control; Behavior-based Detection; LCSeq+HSG algorithm; Signature Generation; worm detection;
Conference_Titel :
Computer and Computational Sciences, 2008. IMSCCS '08. International Multisymposiums on
Conference_Location :
Shanghai
Print_ISBN :
978-0-7695-3430-5
DOI :
10.1109/IMSCCS.2008.29
