{"title":"An experimental analysis for malware detection using extrusions","authors":"Sunny Behal, Krishan Kumar","doi":"10.1109/ICCCT.2011.6075135","DOIUrl":null,"url":null,"abstract":"Today, the comprehensive protection of a computer network from malware is extremely important. The increasing usage of interactive internet applications in the areas of stock trades, medicine, weather forecasting, banks, businesses, education, defense, research etc. has induced a rise in risks and possibilities of misuse of computer networks. Over the last decade, malicious software or malware in the form of viruses, worms, Trojan horses, Botnets has risen to become a primary source of most of the threats used for scanning, distributed denial-of-service (DDoS) activities and direct attacks, taking place across the Internet. A number of solutions have been proposed in literature to defend against such threats from malware. Majority of these solutions uses the concept of inbound traffic approach for detection. The main goal of this paper is to work out a pragmatic solution to protect the network from the malware by exploring the feasibility of the concept of analysis of outbound traffic i.e Extrusion traffic only instead of intrusion traffic. 
Four different types of malware have been analyzed to check the validity of the proposed approach.","PeriodicalId":285986,"journal":{"name":"2011 2nd International Conference on Computer and Communication Technology (ICCCT-2011)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 2nd International Conference on Computer and Communication Technology (ICCCT-2011)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCT.2011.6075135","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 15
Abstract
Today, the comprehensive protection of a computer network from malware is extremely important. The increasing usage of interactive internet applications in the areas of stock trades, medicine, weather forecasting, banks, businesses, education, defense, research, etc. has induced a rise in risks and possibilities of misuse of computer networks. Over the last decade, malicious software or malware in the form of viruses, worms, Trojan horses, and botnets has risen to become a primary source of most of the threats used for scanning, distributed denial-of-service (DDoS) activities and direct attacks taking place across the Internet. A number of solutions have been proposed in the literature to defend against such threats from malware. The majority of these solutions use an inbound-traffic approach for detection. The main goal of this paper is to work out a pragmatic solution to protect the network from malware by exploring the feasibility of analyzing outbound traffic, i.e., extrusion traffic only, instead of intrusion traffic. Four different types of malware have been analyzed to check the validity of the proposed approach.