Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CONEXT
2007
ACM
2007
ACM
Detecting worm variants using machine learning
Network intrusion detection systems typically detect worms by examining packet or flow logs for known signatures. Not only does this approach mean worms cannot be detected until the signatures are created, but that variants of known worms will remain undetected since they will have different signatures. The intuitive solution is to write more generic signatures. This solution, however, would increase the false alarm rate and is therefore practically not feasible. This paper reports on the feasibility of using a machine learning technique to detect variants of known worms in real-time. Support vector machines (SVMs) are a machine learning technique known to perform well at various pattern recognition tasks, such as text categorization and handwritten digit recognition. Given the efficacy of SVMs in standard pattern recognition problems this work applies SVMs to the worm detection problem. Specifically, we investigate the optimal configuration of SVMs and associated kernel functions...
Real-time TrafficApproach Mean Worms | Computer Networks | CONEXT 2007 | Machine Learning Technique | Work Applies Svms |
| Added | 18 Oct 2010 |
| Updated | 18 Oct 2010 |
| Type | Conference |
| Year | 2007 |
| Where | CONEXT |
| Authors | Oliver Sharma, Mark Girolami, Joseph S. Sventek |
Comments (0)
Researcher Info
|
