Hit-list Worm Detection Using Distributed Sliding Window
نویسندگان
چکیده
منابع مشابه
Hit-List Worm Detection and Bot Identification in Large Networks Using Protocol Graphs
We present a novel method for detecting hit-list worms using protocol graphs. In a protocol graph, a vertex represents a single IP address, and an edge represents communications between those addresses using a specific protocol (e.g., HTTP). We show that the protocol graphs of four diverse and representative protocols (HTTP, FTP, SMTP, and Oracle), as constructed from monitoring for fixed durat...
متن کاملAnomaly Detection in Road Networks using Sliding-Window Tensor Factorization
Anomaly detection on road networks can be used to sever for emergency response and is of great importance to traffic management. However, none of the existing approaches can deal with the diversity of anomaly types. In this paper, we propose a novel framework to detect multiple types of anomalies. The framework incorporates real-time and historical traffic into a tensor model and acquires spati...
متن کاملHarris Operator Corner Detection using Sliding Window Method
In this paper, Harris Corner Detector is proposed as a corner detection technique to extract palmprint features in the form of corners. Here, hamming distance similarity measurement using sliding window method is used as a feature matching method for the corners detected. The aim of using hamming distance method for corner matching is the non-dependency of the method with the number of corners ...
متن کاملWormShield: Collaborative Worm Signature Detection Using Distributed Aggregation Trees
Problem. Large-scale worm outbreak is one of the major security threats to today’s Internet. Network worms exploit the vulnerabilities of widely deployed homogenous software to self-propagate quickly. Moore et al [3] show that the react time of worm containment is only a few minutes and the signature-based filtering is more efficient than source-address filtering. Recent work by Earlybird [4] a...
متن کاملAutograph: Toward Automated, Distributed Worm Signature Detection
Today’s Internet intrusion detection systems (IDSes) monitor edge networks’ DMZs to identify and/or filter malicious flows. While an IDS helps protect the hosts on its local edge network from compromise and denial of service, it cannot alone effectively intervene to halt and reverse the spreading of novel Internet worms. Generation of the worm signatures required by an IDS—the byte patterns sou...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Information Processing
سال: 2011
ISSN: 1882-6652
DOI: 10.2197/ipsjjip.19.180