Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ICC
2007
IEEE
2007
IEEE
Distributed Early Worm Detection Based on Payload Histograms
— Epidemic worms has become a social problem owing to their potency in paralyzing the Internet, thus affecting our way of life. Recent researches have pointed out that epidemic worms can propagate similar payloads rapidly. It was shown that it is possible to evaluate similarities between these payloads in terms of a 256-dimensional vector based on histograms of the appearance frequencies of 256 character codes. This observation has also been confirmed by our earlier works. However, this method, if applied to flows from only one network, which means a network managed by an independent organization, is prone to a high rate of false positives in cases such as when normal emails are sent through a mailing list. To overcome this problem, we propose a new scheme which checks for any similarity between flows detected at several IDSs in a distributed environment. The proposed scheme is based on the fact that normal payloads propagating from different networks are different, whereas in the...
Real-time Traffic| Added | 02 Jun 2010 |
| Updated | 02 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | ICC |
| Authors | Yuji Waizumi, Masashi Tsuji, Hiroshi Tsunoda, Nirwan Ansari, Yoshiaki Nemoto |
Comments (0)
Researcher Info
|
