Immunity Based Worm Detection System

Immunity Based Worm Detection System

下载PDF

导出

摘要 Current worm detection methods are unable to detect multi-vector polymorphic worms effectively. Based on negative selection mechanism of the immune system, a local network worm detection system that detects worms was proposed. Normal network service requests were represented by self-strings, and the detection system used self-strings to monitor the network for anomaly. According to the properties of worm propagation, a control center correlated the anomalies detected in the form of binary trees to ensure the accuracy of worm detection. Experiments show the system to be effective in detecting the traditional as well as multi-vector polymorphic worms. Current worm detection methods are unable to detect multi-vector polymorphic worms effectively. Based on negative selection mechanism of the immune system, a local network worm detection system that detects worms was proposed. Normal network service requests were represented by self-strings, and the detection system used self-strings to monitor the network for anomaly. According to the properties of worm propagation, a control center correlated the anomalies detected in the form of binary trees to ensure the accuracy of worm detection. Experiments show the system to be effective in detecting the traditional as well as multi-vector polymorphic worms.

作者洪征吴礼发王元元

机构地区 Institute of Command Automation

出处《Journal of Beijing Institute of Technology》 EI CAS 2007年第1期67-73,共7页 北京理工大学学报（英文版）

基金 the National"863"Program Project (2002AA141090 ,2004AA147070)

关键词 worm detection immune system negative selection worm detection immune system negative selection

分类号 TP274 [自动化与计算机技术—检测技术与自动化装置]

引文网络
相关文献

参考文献9

1Hof meyr S A.Ani mmunological model of distributed de- tection andits application to computer security[]..1999 被引量：1
2Staniford S,,Cheung S,Crawford R.The design of GrIDS: A graph-based intrusion detection system[].th National Information Systems Security Conference.1996 被引量：1
3Lee WK,Stolfo S J.Data mining approaches for intru- sion detection[].th USENIX Security Symposium.1998 被引量：1
4Whyte D,,Kranakis E,Oorschot P V.DNS based detec- tion of scanning worms in an enterprise network[].th Annual Network and Distributed System Security Symposium.2005 被引量：1
5Nazario J.Defense and detection strategies against Inter- net worms[ M][]..2004 被引量：1
6Forrest S,,Perelson AS,Allen L.Self-nonself dis- cri minationin a computer[].Proc of the IEEE Sym- posiumon Research in Security and Privacy.1994 被引量：1
7Microsoft Corporation.Port requirements for Microsoft Windows server system. .http:∥support . Microsoft .com/kb/832017/en-us . 2005 被引量：1
8Gu G F,,Sharif M,Qin X Z.Worm detection, early warning and response based onlocal victi minforma- tion[].Proceedings of the th Annual Computer Se- curity Applications Conference.2004 被引量：1
9Thomas T,Christopher K.Connection-history based anomaly detection[].Proc of the IEEE Work- shop onInformation Assurance and Security.2002 被引量：1

1陆娅莉,胡伟.基于蜜罐技术的蠕虫检测系统的研究与设计[J].考试周刊,2007,0(18):113-114.
2沈佳威.蠕虫检测系统的探讨与设计[J].中国新技术新产品,2010(6):47-47.
3薛卫娟,侯奉含,白小翀.基于暗网的蠕虫检测系统的性能[J].解放军理工大学学报（自然科学版）,2009,10(3):273-277. 被引量：10
4蔡登江.基于Honeynet蠕虫检测策略的研究[J].硅谷,2012,5(20):84-85.
5钱旭,顾巍,陈凌晖,丁晓峰.网络蠕虫检测系统的设计和实现[J].现代图书情报技术,2007(1):44-48. 被引量：3
6佟晓筠,王翥,赵章泉.未知蠕虫自动检测技术研究[J].计算机工程,2011,37(20):139-141. 被引量：2
7孙巍巍,任勤.利用时间戳的分布式蠕虫检测系统[J].河南理工大学学报（自然科学版）,2011,30(4):453-457.
8Gou Xiantai Jin Weidong Zhao Duo.MULTI-AGENT SYSTEM FOR WORM DETECTION AND CONTAINMENT IN METROPOLITAN AREA NETWORKS[J].Journal of Electronics(China),2006,23(2):259-265.
9鲍娟,刘娜,魏刚.基于ARM的嵌入式蠕虫检测系统设计与实现[J].微处理机,2013,34(3):22-25.
10鲍娟,喻焰,刘向阳,陈利.基于主机级别的蠕虫检测系统设计及实现[J].微处理机,2009,30(6):30-34.

Journal of Beijing Institute of Technology

2007年第1期

浏览历史

内容加载中请稍等...

Immunity Based Worm Detection System

参考文献9

相关作者

相关机构

相关主题

浏览历史