DETECT POLYMORPHIC WORMS BASED ON SEMANTIC SIGNATURE AND DATA-MINING

Cited by: 0
Authors
Wang Wei [1]
Luo Dai-sheng [1]
Zhang Jianmin [2]
Affiliations
[1] Sichuan Univ, Inst Image Info, Chengdu, Peoples R China
[2] Huazhong Univ Sci & Technol, Wuhan, Peoples R China
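Keywords
DOI
Not available
Chinese Library Classification number
TN [Electronic technology, communication technology];
Discipline classification code
0809;
Abstract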
In recent years, Internet worms have increasingly threatened Internet hosts and services, and polymorphic worms can evade signature-based intrusion detection systems. In this paper, we propose new methods to detect polymorphic worms based on semantic signatures and data mining. The main contributions of this work are as follows. (1) We propose a worm attack model, the OSJUMP model. (2) Based on the attack model, we analyze the features of polymorphic worms and the features of perfect ones. (3) We propose methods to detect worms by recognizing JUMP addresses based on data mining such as Bayes and ANN. We evaluate some famous worms and polymorphic ones generated from them. The results show that the false negatives and performance improved a lot compared to signature-based IDSes.
Pages: 4
Related papers
50 in total
  • [1] Online detect polymorphic exploit based on data mining
    Wang, Wei
    Wang, Huazhang
    Luo, Daisheng
    Fang, Yong
    [J]. PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON INTELLIGENT SYSTEMS AND KNOWLEDGE ENGINEERING (ISKE 2007), 2007,
  • [2] Honeypot-based Signature Generation for Polymorphic Worms
    Paul, Sounak
    Mishra, Bimal Kumar
    [J]. INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2014, 8 (06): : 101 - 114
  • [3] Using data-mining methods to detect network attacks
    Platonov V.V.
    Semenov P.O.
    [J]. Automatic Control and Computer Sciences, 2015, 49 (08) : 766 - 769
  • [4] Signature Tree Generation for Polymorphic Worms
    Tang, Yong
    Xiao, Bin
    Lu, Xicheng
    [J]. IEEE TRANSACTIONS ON COMPUTERS, 2011, 60 (04) : 565 - 579
  • [5] DATA-MINING BASED FAULT DETECTION
    Ma Hongguang Han Chongzhao (Xi’an Jiaotong University
    [J]. Journal of Electronics(China), 2005, (06) : 39 - 45
  • [6] DATA-MINING BASED FAULT DETECTION
    Ma Hongguang Han Chongzhao Xian Jiaotong University Xian China Wang Guohua Xu Jianfeng Zhu Xiaofei Research Institute of High Technology Xian China
    [J]. Journal of Electronics., 2005, (06)
  • [7] An automated signature-based approach against polymorphic Internet worms
    Tang, Yong
    Chen, Shigang
    [J]. IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, 2007, 18 (07) : 879 - 892
  • [8] A Fast Method of Signature Generation for Polymorphic Worms
    Zhang, Jia
    Duan, Haixin
    Wang, Lanjia
    Guan, Yuntao
    [J]. ICCEE 2008: PROCEEDINGS OF THE 2008 INTERNATIONAL CONFERENCE ON COMPUTER AND ELECTRICAL ENGINEERING, 2008, : 8 - 13
  • [9] Clinical Data-Mining
    Guzzetta, Charles
    [J]. JOURNAL OF TEACHING IN SOCIAL WORK, 2010, 30 (03) : 353 - 355
  • [10] Data-mining by probability-based patterns
    Karegar, M.
    Isazadeh, A.
    Fartash, F.
    Saderi, T.
    Navin, A. Habibizad
    [J]. PROCEEDINGS OF THE ITI 2008 30TH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY INTERFACES, 2008, : 353 - +