It is widely believed that content-signature-based intrusion detection systems (IDSes) are easily evaded by polymorphic worms, which vary their payload on every infection attempt....
— As Internet worms become ever faster and more sophisticated, it is important to be able to extract worm signatures in an accurate and timely manner. In this paper, we apply mac...
Stewart M. Yang, Jianping Song, Harish Rajamani, T...
To combat the rapid infection rate of today’s Internet worms, signatures for novel worms must be generated soon after an outbreak. This is especially critical in the case of pol...
Matthew Van Gundy, Hao Chen, Zhendong Su, Giovanni...
Modern worms can spread so quickly that any countermeasure based on human reaction might not be fast enough. Recent research has focused on devising algorithms to automatically pr...
Lorenzo Cavallaro, Andrea Lanzi, Luca Mayer, Matti...
—It is crucial to detect zero-day polymorphic worms and to generate signatures at network gateways or honeynets so that we can prevent worms from propagating at their early phase...
Lanjia Wang, Zhichun Li, Yan Chen, Zhi Fu, Xing Li