Worm detection and signature extraction based on communication characteristics
Worm detection and signature extraction was presented based on analysis of similar communication character-istics,which identifies the distinct communication pattern of worm spread,and evaluates the similarity metric of commu-nication characteristic sets,and detects worms by detecting their infectiv...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2007-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/74655285/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Worm detection and signature extraction was presented based on analysis of similar communication character-istics,which identifies the distinct communication pattern of worm spread,and evaluates the similarity metric of commu-nication characteristic sets,and detects worms by detecting their infectivity with higher detection precision,generality and adaptability.Based on this,a heuristic detection framework is designed,which eliminates non-worm traffic from protocol,sequence,and content in three levels via blind,intent and lock track,then filters out worm packets and extracts signatures.The technique reduces data collection volume and analysis cost dramatically,and can detection worm and ex-tract signature quickly in the environment with high strength background noise. |
|---|---|
| ISSN: | 1000-436X |