Authors: Youhei Suzuki ; Yuji Waizumi ; Hiroshi Tsunoda and Yoshiaki Nemoto

Affiliation: Graduate School of Information Sciences, Tohoku University, Japan

Keyword(s): Worm, Similarity of Flow Payloads, Clustering, Intrusion Detection.

Related Ontology Subjects/Areas/Topics: Internet Technology ; Intrusion Detection and Response ; Web Information Systems and Technologies ; Web Security and Privacy

Abstract: Recently, damage to information systems caused by worms has been reported at a global level. Signature-based Intrusion Detection Systems (IDSs) are widely used to prevent this damage. To handle newly created worms, automatic signature generation techniques based on common strings in the payloads of multiple worm flows of the same kind have been proposed. Because these techniques need to use multiple strings as a signature for each kind of worm to achieve high detection accuracy, the calculation cost to detect worms is a serious issue. In this paper, we propose a novel scheme that does not use common character strings. The proposed scheme uses a 256-dimensional vector based on the appearance frequencies of 256 character codes. This vector is generated automatically and used as a means to detect worms at low cost. In addition, we construct a cheap worm detection system by using the proposed method as the first-stage analysis of a conventional IDS. We evaluate the proposed scheme through experiments and present its performance.

CC BY-NC-ND 4.0

Paper citation in several formats:
Suzuki, Y.; Waizumi, Y.; Tsunoda, H. and Nemoto, Y. (2007). A LOW COST WORM DETECTION TECHNIQUE BASED ON FLOW PAYLOAD SIMILARITY. In Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 2: WEBIST; ISBN 978-972-8865-77-1; ISSN 2184-3252, SciTePress, pages 414-417. DOI: 10.5220/0001279704140417

@conference{webist07,
author={Youhei Suzuki and Yuji Waizumi and Hiroshi Tsunoda and Yoshiaki Nemoto},
title={A LOW COST WORM DETECTION TECHNIQUE BASED ON FLOW PAYLOAD SIMILARITY},
booktitle={Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 2: WEBIST},
year={2007},
pages={414-417},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001279704140417},
isbn={978-972-8865-77-1},
issn={2184-3252},
}

TY - CONF

JO - Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 2: WEBIST
TI - A LOW COST WORM DETECTION TECHNIQUE BASED ON FLOW PAYLOAD SIMILARITY
SN - 978-972-8865-77-1
IS - 2184-3252
AU - Suzuki, Y.
AU - Waizumi, Y.
AU - Tsunoda, H.
AU - Nemoto, Y.
PY - 2007
SP - 414
EP - 417
DO - 10.5220/0001279704140417
PB - SciTePress