Behaviour based worm detection and signature automation

1Citations
Citations of this article
7Readers
Mendeley users who have this article in their library.

Abstract

Problem statement: A worm is a malicious piece of code that self-propagates, often via network connections, to exploit security flaws in computers connected through the network. In general, worms do not need any human intervention to propagate and are considered a real threat to network assets and the properties of organizations. An Intrusion Detection Systems (IDSs) are employed to detect the presence of the worms in the network. Approach: This study proposed a new behaviourbased worm detection and signature automation approach that consists of scanning characteristics to find vulnerable hosts and indicate the correlation between an infected host and potential destination hosts. Results: This approach can be distinguish between network scanning (random and sequential TCP and UDP worm scanning) triggered by infected and non-infected hosts. In addition, the ability to detect the worms based on its behaviours. Conclusion: Identifying network worms at an early stage can increase the protection of network services and vulnerable hosts. © 2011 Science Publications.

Cite

CITATION STYLE

APA

Anbar, M., Manickam, S., Hosam, A. S., Chai, K. S., Baklizi, M., & Almomani, A. (2011). Behaviour based worm detection and signature automation. Journal of Computer Science, 7(11), 1724–1728. https://doi.org/10.3844/jcssp.2011.1724.1728

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free