FDF: Frequency detection-based filtering of scanning worms

被引：4

作者：

Kim, Byungseung ^{[1
]}

Kim, Hyogon ^{[2
]}

Bahk, Solewoong ^{[1
]}

机构：

[1] Seoul Natl Univ, INMC, Sch Elect Engn & Comp Sci, Seoul, South Korea

[2] Korea Univ, Dept Comp Sci & Engn, Seoul, South Korea

来源：

COMPUTER COMMUNICATIONS | 2009年 / 32卷 / 05期

关键词：

Scanning worm; Frequency characteristic; Autocorrelation; Intrusion detection system;

D O I：

10.1016/j.comcom.2008.12.010

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In this paper, we propose a simple algorithm for detecting scanning worms with high detection rate and low false positive rate. The novelty of our algorithm is inspecting the frequency characteristic of scanning worms instead of counting the number of suspicious connections or packets from a monitored network. Its low complexity allows it to be used on any network-based intrusion detection system as a real-time detection module for high-speed networks. Our algorithm need not be adjusted to network status because its parameters depend on application types, which are generally and widely used in any networks such as web and P2P services. By using real traces, we evaluate the performance of our algorithm and compare it with that of SNORT. The results confirm that Our algorithm Outperforms SNORT with respect to detection rate and false positive rate. (C) 2008 Elsevier B.V. All rights reserved.

引用

页码：847 / 857

页数：11

共 50 条

[1] FDF: Frequency Detection-Based Filtering of Scanning Worms
Kim, Byungseung
Bahk, Saewoong
Kim, Hyogon
2006 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-12, 2006, : 2124 - 2129
[2] Detection algorithm of scanning worms based on similarity analysis
Huang Z.-Y.
Zhou J.-L.
Chen X.-L.
Shi X.-L.
Huanan Ligong Daxue Xuebao/Journal of South China University of Technology (Natural Science), 2011, 39 (05): : 73 - 77+101
[3] Artifacts detection-based adaptive filtering to noise reduction of strain imaging
Shao, Dangguo
Yuan, Ye
Xiang, Yan
Yu, Zhengtao
Liu, Paul
Liu, Dong C.
ULTRASONICS, 2019, 98 : 99 - 107
[4] Frequency detection-based boundary-scan testing of AC coupled nets
Kim, Y
Lai, B
Parker, KP
Rearick, J
INTERNATIONAL TEST CONFERENCE 2001, PROCEEDINGS, 2001, : 46 - 53
[5] Detection-based particle filtering for real-time multiple-head tracking applications
Qu, W
Schonfeld, D
Image and Video Communications and Processing 2005, Pts 1 and 2, 2005, 5685 : 411 - 418
[6] Anomaly detection-based condition monitoring
Kas, M.
Wamba, F. F.
INSIGHT, 2022, 64 (08) : 453 - 458
[7] An anomaly detection-based classification system
Hou, Haiyu
Dozier, Gerry
2006 IEEE CONGRESS ON EVOLUTIONARY COMPUTATION, VOLS 1-6, 2006, : 2223 - 2230
[8] A detection-based person tracking algorithm
Hu, D. (dwhu@nudt.edu.cn), 1600, National University of Defense Technology (36):
[9] PD Signal Propagation in GIS: Ultra-High Frequency Detection-Based Modeling
Darwish, Ahmad
Refaat, Shady S.
Abu-Rub, Haitham
Toliyat, Hamid A.
IEEE SENSORS JOURNAL, 2020, 20 (16) : 9417 - 9426
[10] Efficient quarantining of scanning worms:: Optimal detection and coordination
Ganesh, A.
Gunawardena, D.
Key, P.
Massoulie, L.
Scott, J.
25TH IEEE INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATIONS, VOLS 1-7, PROCEEDINGS IEEE INFOCOM 2006, 2006, : 156 - +

← 1 2 3 4 5 →