Yu Yao, Junwei Lv, Fu-xiang Gao, Yanfang Zhang, Ge Yu
2008 International Multi-symposiums on Computer and Computational Sciences, published 2008-10-18. DOI: 10.1109/IMSCCS.2008.29 (https://doi.org/10.1109/IMSCCS.2008.29)
Behavior-Based Worm Detection and Signature Generation
The high efficiency and real-time nature of the signature-based approach guarantee the early detection of most known worms, while the behavior-based approach searches for the communication patterns of worms according to behavioral characteristics that differ from normal network traffic. To improve the detection rate and accuracy, two detection algorithms, one for the diffuse-type communication pattern and one for the chain communication pattern, and a distributed detection architecture are proposed. Analysis of the detection results shows that the approach presented here can detect both known and unknown worms with a high detection rate and accuracy.