Signature metrics for accurate and automated worm detection

    WORM, pp. 65-72, 2006.

    Cited by: 10
    Keywords:
    automated worm detection, university traffic, automated payload fingerprinting, Zotob outbreak, false positive

    Abstract:

    This paper presents two simple algorithms, TreeCount and SenderCount, that detect a broad range of exploit-based and email worms, respectively. These algorithms, when combined with automated payload fingerprinting, generate precise worm payload signatures. We show that fundamental traffic properties of most worms, such as infected hosts' a...
