Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ANCS
2006
ACM
2006
ACM
WormTerminator: an effective containment of unknown and polymorphic fast spreading worms
The fast spreading worm is becoming one of the most serious threats to today’s networked information systems. A fast spreading worm could infect hundreds of thousands of hosts within a few minutes. In order to stop a fast spreading worm, we need the capability to detect and contain worms automatically in real-time. While signature based worm detection and containment are effective in detecting and containing known worms, they are inherently ineffective against previously unknown worms and polymorphic worms. Existing traffic anomaly pattern based approaches have the potential to detect and/or contain previously unknown and polymorphic worms, but they either impose too much constraint on normal traffic or allow too much infectious worm traffic to go out to the Internet before an unknown or polymorphic worm can be detected. In this paper, we present WormTerminator, which can detect and completely contain, at least in theory, almost all fast spreading worms in real-time while blocking...
Real-time Traffic| Added | 13 Jun 2010 |
| Updated | 13 Jun 2010 |
| Type | Conference |
| Year | 2006 |
| Where | ANCS |
| Authors | Songqing Chen, Xinyuan Wang, Lei Liu, Xinwen Zhang |
Comments (0)
Researcher Info
|
