A Worm Behavioral Approach to Susceptible Host Detection
Authors
Abstract
A new detection approach based on worm behaviors for IDS anti-worm is presented. With this method, the susceptible hosts probed by worms can be detected, and then an immediate counter-attack to the susceptible host can be proposed. As a case study, a simulation of the IDS-based anti-worm counter-attacking the malicious worm is given, which shows the new containment is much more effective and brings less traffic to the network than the traditional one. It can be used as a reference for Grid security infrastructure.
Similar resources
BotRevealer: Behavioral Detection of Botnets based on Botnet Life-cycle
Nowadays, botnets are considered as essential tools for planning serious cyberattacks. Botnets are used to perform various malicious activities such as DDoS attacks and sending spam emails. Different approaches are presented to detect botnets; however most of them may be ineffective when there are only a few infected hosts in monitored network, as they rely on similarity in...
A behavioral approach to worm detection pdf
Downloads 6.behaviors in these two phases are critical for. Behavioral detection is thus more generic and more resilient. Developed a neural approach to worm detection.Worm detection systems have traditionally focused. These approaches focus on global strategies and require. Detecting worm behavior not only lets us is.worms behavioral footprint from the worms traffic traces. From worm detection...
Worm virulence estimation for the containment of local worm outbreak
A worm-infected host scanning globally may not cause any new infection in its underlying local network before it is detected and quarantined by a worm detector. To defend against this type of scanning host, a number of worm scanner detection methods such as failed scan detection, honeypot, and dark port detection are proposed. However, for a stealthier worm limiting its scan inside an enterprise netwo...
Comparative Analysis of Behavioral Classification of Computer Networks and Early Warning System for Worm Detection
The effort required for detecting worms that threaten the reliability and stability of network resources is in the process of advancing, demanding increasingly sophisticated resources. A worm is a self-propagating program that infects other hosts based on a known vulnerability in network hosts. The spread of active worms does not need any human interaction. There is a growing demand for effectiv...
Prevention of Worm at Router Level for Providing Seamless Communication in Network Environment
Worm is the major hurdle, which restricts the comfortable communication in any networks. Worm is a malicious software program that destroys the normal communication in the networking systems. Every system must not be vulnerable to avoid infection by worm in the computing networks. Defending against such worm still plays vital role to the network programmers. Various countermeasures have been ta...