Stochastic Model for Capturing the Probabilistic Nature of Malware Propagation on an Arbitrary Topology
In today's computing world, active worms are a major security issue on the Internet. This is because active worms can execute in an automated fashion as they continuously attack computers on the Internet. Here we find a new class of active worms, called the Camouflaging Worm (C-Worm). The C-Worm differs from regular worms in its ability to change its scan traffic volume over time very cleverly. As a result, the C-Worm hides its propagation from existing worm detection applications that rely on analyzing the propagation traffic generated by worms. We design a spectrum-based scheme to detect the C-Worm. Our scheme uses the power spectral density (PSD) distribution of the scan traffic volume and its corresponding Spectral Flatness Measure (SFM) to distinguish C-Worm traffic from background traffic. Using real-world traces as background traffic, we conduct extensive performance evaluations of our proposed spectrum-based detection scheme. The performance data clearly show that our scheme can effectively detect C-Worm propagation. Furthermore, we show the generality of our spectrum-based scheme in effectively detecting not only the C-Worm, but traditional worms as well.
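The SFM computation the abstract relies on, as an added example for a defender's monitoring pipeline (not code from the paper): SFM is the ratio of the geometric mean to the arithmetic mean of the PSD, so it is near 0 when power sits in a few frequencies and higher when the spectrum is flat. The traffic series, the 32-sample scan cycle and the 0.3 threshold are constructed assumptions, not values from the paper.

```python
import cmath
import math
import random

def psd(series):
    """One-sided periodogram of the mean-removed series (direct DFT, no numpy)."""
    n = len(series)
    mean = sum(series) / n
    x = [v - mean for v in series]
    spectrum = []
    for k in range(1, n // 2 + 1):
        s = sum(x[t] * cmath.exp(-2j * math.pi * k * t / n) for t in range(n))
        spectrum.append(abs(s) ** 2 / n)
    return spectrum

def sfm(series, eps=1e-12):
    """Spectral Flatness Measure: geometric mean / arithmetic mean of the PSD."""
    p = [v + eps for v in psd(series)]  # eps guards log(0) on empty bins
    geometric = math.exp(sum(math.log(v) for v in p) / len(p))
    arithmetic = sum(p) / len(p)
    return geometric / arithmetic

def classify(series, threshold=0.3):
    """Flag a window whose spectrum is concentrated (threshold is an assumption)."""
    return "suspect" if sfm(series) < threshold else "background-like"

# Constructed sample data: scans per interval seen by a monitor, 256 intervals.
_rng = random.Random(7)
BACKGROUND = [200 + _rng.gauss(0, 20) for _ in range(256)]
# Assumed camouflage: scan volume that rises and falls on a 32-interval cycle.
CAMOUFLAGED = [b + 60 * (1 + math.sin(2 * math.pi * t / 32))
               for t, b in enumerate(BACKGROUND)]

if __name__ == "__main__":
    for name, window in (("background", BACKGROUND), ("camouflaged", CAMOUFLAGED)):
        print(f"{name:12s} SFM={sfm(window):.3f} -> {classify(window)}")
```

Total volume alone would not separate the two windows reliably, since the added scans stay within a few standard deviations of the background; the flatness of the spectrum is what changes.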