{"title":"一种蠕虫检测与遏制新算法的仿真与评价","authors":"Xiong Yang, Jing Lu, Yuguang Zhu, Ping Wang","doi":"10.1109/PDCAT.2006.103","DOIUrl":null,"url":null,"abstract":"Internet worm attacks have become increasingly more frequent and have caused enormous damage to the Internet community during the past years. A new security service that monitors the ongoing worm activities on the Internet and restricts the worm spreading rate automatically will greatly contribute to the security management of modern enterprise networks. Based on the comparison and analysis of many worm detection and containment strategies, a new and effective algorithm of detecting and containing network worms is proposed in this paper. The principle of this effective algorithm is an improved two rotation process to detect and contain worms. The simulation result of the algorithm is demonstrated so effectively to detect and slow down the rapid scanning worm and \"stealthy\" worm whose propagation rate is slower than the former. In order to reduce the number of false positives, the impact of normal network activities is also concerned. Finally, the simulation also analyzes the performance of detecting worms of the algorithm under normal and congestive network background","PeriodicalId":408368,"journal":{"name":"2006 First International Conference on Communications and Networking in China","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Simulation and Evaluation OF A New Algorithm of Worm Detection and Containment\",\"authors\":\"Xiong Yang, Jing Lu, Yuguang Zhu, Ping Wang\",\"doi\":\"10.1109/PDCAT.2006.103\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Internet worm attacks have become increasingly more frequent and have caused enormous damage to the Internet community during the past years. A new security service that monitors the ongoing worm activities on the Internet and restricts the worm spreading rate automatically will greatly contribute to the security management of modern enterprise networks. Based on the comparison and analysis of many worm detection and containment strategies, a new and effective algorithm of detecting and containing network worms is proposed in this paper. The principle of this effective algorithm is an improved two rotation process to detect and contain worms. The simulation result of the algorithm is demonstrated so effectively to detect and slow down the rapid scanning worm and \\\"stealthy\\\" worm whose propagation rate is slower than the former. In order to reduce the number of false positives, the impact of normal network activities is also concerned. Finally, the simulation also analyzes the performance of detecting worms of the algorithm under normal and congestive network background\",\"PeriodicalId\":408368,\"journal\":{\"name\":\"2006 First International Conference on Communications and Networking in China\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-12-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2006 First International Conference on Communications and Networking in China\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PDCAT.2006.103\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 First International Conference on Communications and Networking in China","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PDCAT.2006.103","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Simulation and Evaluation OF A New Algorithm of Worm Detection and Containment
Internet worm attacks have become increasingly more frequent and have caused enormous damage to the Internet community during the past years. A new security service that monitors the ongoing worm activities on the Internet and restricts the worm spreading rate automatically will greatly contribute to the security management of modern enterprise networks. Based on the comparison and analysis of many worm detection and containment strategies, a new and effective algorithm of detecting and containing network worms is proposed in this paper. The principle of this effective algorithm is an improved two rotation process to detect and contain worms. The simulation result of the algorithm is demonstrated so effectively to detect and slow down the rapid scanning worm and "stealthy" worm whose propagation rate is slower than the former. In order to reduce the number of false positives, the impact of normal network activities is also concerned. Finally, the simulation also analyzes the performance of detecting worms of the algorithm under normal and congestive network background
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
