Detecting smart, self-propagating Internet worms

机译：检测智能，自宣传互联网蠕虫

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Self-propagating worms can infect millions of computers on the Internet in just several minutes. Although there are already many existing worm detectors, none of them systematically consider the countermeasures from worm authors, leaving them potentially ineffective against smart, evasive worms. We therefore revisit worm detection in this paper. We treat worm detection as an arms race, and study how to most effectively detect not only classic worms (i.e. worms that do not have the knowledge of worm detectors), but also evasive worms that know the worm detector in place, know its configurations, and can even adjust their scanning rate by observing legitimate traffic. We describe our design of a new worm detector called SWORD, conduct extensive experiments using realistic trace with different parameters of worms, and demonstrate that SWORD is superior to existing detectors for detecting both classic and evasive worms.

机译：自我传播的蠕虫可以在几分钟内在互联网上感染数百万台电脑。虽然已经存在许多现有的蠕虫探测器，但它们都没有系统地考虑来自蠕虫作者的对策，让他们对智能，避免蠕虫潜在地无效。因此，我们在本文中重新审视了蠕虫检测。我们将蠕虫检测视为武器种族，研究如何最有效地检测经典蠕虫（即没有蠕虫探测器知识的蠕虫），而且还知道知道蠕虫探测器的蠕虫，了解其配置，并且甚至可以通过观察合法的交通来调整扫描率。我们描述了我们设计的新蠕虫探测器，称为剑，使用具有不同蠕虫的参数的现实轨迹进行广泛的实验，并证明剑优于现有的探测器，用于检测经典和避免的蠕虫。

著录项

来源
《IEEE Conference on Communications and Network Security》|2014年||共9页
会议地点
作者
Jun Li; Stafford Shad;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类通信;
关键词
Internet; computer network security; invasive software; telecommunication traffic; SWORD worm detector; arms race; classic worms; legitimate traffic; scanning rate; smart evasive worms; smart self-propagating Internet worm detection; worm authors; worm parameters; Boolean functions; Data structures; Detectors; Grippers; Internet; Security; Training; Internet worm; behavior-based worm detection; smart worm; worm detection;

机译：互联网;计算机网络安全;侵入式软件;电信交通;剑蠕虫探测器;军备;经典蠕虫;合法的流量;扫描率;扫描速度;智能自我传播蠕虫检测;蠕虫作者;蠕虫参数;布尔函数;数据结构;探测器;夹具;互联网;安全;培训;互联网蠕虫;基于行为的蠕虫检测;智能蠕虫;蠕虫检测;

相似文献

外文文献
中文文献
专利

1. Intelligent Failure Connection Algorithm for Detecting Internet Worms [J] . Mohammad M. Rasheed, Norita Md Norwawi, Osman Ghazali, International journal of computer science and network security . 2009,第5期

机译：互联网蠕虫检测的智能故障连接算法
2. Intelligent Failure Connection Algorithm for Detecting Internet Worms [J] . Mohammad M. Rasheed, Norita Md Norwawi, Osman Ghazali, International journal of computer science and network security . 2009,第5期

机译：检测互联网蠕虫的智能故障连接算法
3. Detecting Internet Worms Using Data Mining Techniques [J] . Muazzam Siddiqui, Morgan C. Wang, Joohan Lee Journal of Systemics, Cybernetics and Informatics . 2008,第6期

机译：使用数据挖掘技术检测Internet蠕虫
4. Detecting smart, self-propagating Internet worms [C] . Jun Li, Stafford Shad IEEE Conference on Communications and Network Security . 2014

机译：检测智能的，自我传播的Internet蠕虫
5. Simulation and detection of self-propagating worms and viruses. [D] . Gupta, Ajay Kumar. 2004

机译：自传播蠕虫和病毒的仿真和检测。
6. A Possible Smart Metering System Evolution for Rural and Remote Areas Employing Unmanned Aerial Vehicles and Internet of Things in Smart Grids [O] . Giovanni Battista Gaggero, Mario Marchese, Aya Moheddine, 2021

机译：农村和偏远地区的可能智能计量系统演进智能电网携带无人驾驶飞行器和互联网
7. Detecting Internet Worms at Early Stage [O] . Shigang Chen, Sanjay Ranka 2005

机译：早期检测互联网蠕虫
8. Internet Worm and Virus Protection for Very High-Speed Networks [R] . Lockwood, J. 2004

机译：用于超高速网络的Internet蠕虫和病毒防护

Detecting smart, self-propagating Internet worms

摘要

著录项

相似文献

相关主题

期刊订阅