Abstract | ||
---|---|---|
Internet worms are increasing every year, and they increasingly threaten the availability and integrity of Internet-based services. Polymorphic worms evade signature-based Intrusion Detection Systems (IDSs) by varying their payload on every infection attempt. In this paper, we propose a system for automated signature generation for Zero-day polymorphic worms. We have designed a novel double-honeynet system, which is able to detect new worms that have not been seen before. The system is based on an efficient algorithm that uses worms binary representation for pattern matching. The system is able to generate accurate signatures for single and multiple worms. |
Year | DOI | Venue |
---|---|---|
2009 | 10.1109/ICSEA.2009.64 | ICSEA |
Keywords | Field | DocType |
Internet,digital signatures,invasive software,pattern matching,Internet worms,Internet-based services,automated signature generation,double-honeynet system,pattern matching,polymorphic worm detection,signature-based intrusion detection system,worm binary representation,zero-day polymorphic worms,Honeynet,Internet security,Polymorphic worms | Honeypot,Internet security,Computer science,Computer security,Computer network,Digital signature,Theoretical computer science,Intrusion detection system,Pattern matching,The Internet,Payload | Conference |
Citations | PageRank | References |
1 | 0.40 | 9 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Mohssen M. Z. E. Mohammed | 1 | 10 | 3.36 |
H. Anthony Chan | 2 | 389 | 41.04 |
Neco Ventura | 3 | 124 | 25.86 |
Mohsin Hashim | 4 | 4 | 2.20 |
Izzeldin Amin | 5 | 1 | 1.07 |