Back to Search
Start Over
Worm detection and containment in local networks
- Source :
- 2012 International Conference on Computer Science and Information Processing (CSIP).
- Publication Year :
- 2012
- Publisher :
- IEEE, 2012.
-
Abstract
- To curb worm spread, it is vital to detect worms in time and restrict the victims' network behavior effectively. A worm detection and containment system for local networks is proposed. Normal service requests are characterized with the self-set, which is applied to monitor for suspicious service requests. The system correlates the suspicious service requests in the form of binary trees, and binary trees' anomaly values are monitored for worm attacks. Possible worm victims are determined from the binary trees. Based on the self-set, the worm victims' normal traffic is permitted while their worm activities are strictly contained. Experiments show the system contains worms effectively, and the detrimental effect of the system's deployment on normal network traffic is negligible.
- Subjects :
- Containment (computer programming)
Software_OPERATINGSYSTEMS
Binary tree
Computer science
business.industry
Network security
ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS
fungi
Network behavior
Computer security
computer.software_genre
humanities
parasitic diseases
business
computer
Computer network
Subjects
Details
- Database :
- OpenAIRE
- Journal :
- 2012 International Conference on Computer Science and Information Processing (CSIP)
- Accession number :
- edsair.doi...........c243e545d11080a11d766ce209d4feab