Wavelet Analysis Based Worm Attack Early Detection
Authors
Abstract
After many Internet-scale worm incidents in recent years, it is clear that a simple self-propagating worm can quickly spread across the Internet, and every worm incident can cause severe damage to our society. It is therefore necessary to build a system that can detect the presence of a worm as quickly as possible. This paper first analyzes the worm's framework and its propagation model. Then, we describe a new monitoring algorithm. Based on the monitoring result, we present an adaptive method to detect unknown worms by using recursive least squares estimation. The experimental results show that our approach can detect unknown worms effectively, quickly and robustly.
Similar resources
HoneyStat: Local Worm Detection Using Honeypots
Worm detection systems have traditionally used global strategies and focused on scan rates. The noise associated with this approach requires statistical techniques and large data sets (e.g., monitored machines) to avoid false positives. Worm detection techniques for smaller local networks have not been fully explored. We consider how local networks can provide early detection and complement glo...
Efficient Method for Detecting Worm Virus based Bloom-like Connection Behavior
The effort required for detecting worm viruses, that threaten the reliability and stability of network resources, is in the process of advancing, demanding increasingly sophisticated resources. Pattern-based worm virus detection systems use detection methods, which focus on pattern analysis for specific worm viruses. In the event of a different attack method, or a new attack occurs, current sys...
Subsea Free Span Pipeline Damage Detection Based on Wavelet Transform under Environmental Load
During their service life, marine pipelines continually accumulate damage as a result of the action of various environmental forces. Clearly, the development of robust techniques for early damage detection is very important to avoid the possible occurrence of a disastrous structural failure. Most of vibration-based damage detection methods require the modal properties that are obtained from mea...
DDoS attack detection and wavelets
This paper presents a systematic method for DDoS attack detection. DDoS attack can be considered system anomaly or misuse from which abnormal behavior is imposed on network traffic. Attack detection can be performed via abnormal behavior identification. Network traffic characterization with behavior modeling could be a good guidance of attack detection. Aggregated traffic has been found to be s...
A Granularity-adaptive System for in-Network Attack Detection
The early detection of uprising DDoS attacks and worm propagations is still a challenge for today’s network operators. An effective attack mitigation makes the detection of such network hazards close to its sources necessary. We therefore propose to use an in-network attack detection system which can be installed on routers. In high-speed networks a detailed per-packet analysis on a link’s aggr...