Title :
Worm Detection in Large Scale Network by Traffic
Author :
Xin, Yi ; Fang, Bin-Xing ; Yun, Xiao-Chun ; Chen, Hai-Yong
Author_Institution :
Harbin Institute of Technology..Harbin, China
Abstract :
Nowadays, worms have been one of the leading threats to information security and service availability. Current operational practices have not been able to manage the threat effectively. So it is very important to make early warning of the burst of worm in large scale network. In this paper we analyze the real network traffic in large scale network. Based on long time statistic, we construct a network traffic model which concern two parameters: the traffic volume and curve of traffic function. And then we propose a method to computer the function curve of normal traffic function in ideal condition. We deployed them in our campus network (more than 20000 computers, 400M/s bandwidth to internet).It is shown that the worms are detected automatically and efficiently.
Keywords :
Network Security; Network Traffic; Statistic; Worm Detection; Availability; Bandwidth; Computer networks; Computer worms; IP networks; Information security; Large-scale systems; Statistics; Telecommunication traffic; Traffic control; Network Security; Network Traffic; Statistic; Worm Detection;
Conference_Titel :
Parallel and Distributed Computing, Applications and Technologies, 2005. PDCAT 2005. Sixth International Conference on
Print_ISBN :
0-7695-2405-2
DOI :
10.1109/PDCAT.2005.255
