Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
INFOCOM
2006
IEEE
2006
IEEE
Design and Evaluation of a Fast and Robust Worm Detection Algorithm
— Fast spreading worms are a reality, as amply demonstrated by worms such as Slammer, which reached its peak propagation in a matter of minutes. With these kinds of fast spreading worms, the traditional approach of signature-based detection is no longer sufficient. Specifically, these worms can infect all vulnerable hosts well before a signature is available. To counter them, we must devise fast detection algorithms that can detect new worms without signatures as they first begin to appear. We present the design and evaluation of such an algorithm in this paper. The key to the algorithm is the identification of certain invariant characteristics of worm propagation. Specifically, we are able to demonstrate using real network traces how worm propagation can perturb the arrival process distribution of unsolicited packets. Our algorithm employs a novel two-step procedure that combines a first stage change point detection with a second stage growth rate inference to confirm the exi...
Real-time TrafficRelated Content
| Added | 11 Jun 2010 |
| Updated | 11 Jun 2010 |
| Type | Conference |
| Year | 2006 |
| Where | INFOCOM |
| Authors | Tian Bu, Aiyou Chen, Scott A. Vander Wiel, Thomas Y. C. Woo |
Comments (0)
Researcher Info
|
