Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CIDM
2007
IEEE
2007
IEEE
Detection of Unknown Computer Worms Activity Based on Computer Behavior using Data Mining
— Detecting unknown worms is a challenging task. Extant solutions, such as anti-virus tools, rely mainly on prior explicit knowledge of specific worm signatures. As a result, after the appearance of a new worm on the Web there is a significant delay until an update carrying the worm’s signature is distributed to anti-virus tools. During this time interval a new worm can infect many computers and cause significant damage. We propose an innovative technique for detecting the presence of an unknown worm, not necessarily by recognizing specific instances of the worm, but rather based on the computer measurements. We designed an experiment to test the new technique employing several computer configurations and background applications activity. During the experiments 323 computer features were monitored. Four feature selection techniques were used to reduce the amount of features and four classification algorithms were applied on the resulting feature subsets. Our results indicate that u...
Real-time Traffic| Added | 07 Dec 2010 |
| Updated | 07 Dec 2010 |
| Type | Conference |
| Year | 2007 |
| Where | CIDM |
| Authors | Robert Moskovitch, Ido Gus, Shay Pluderman, Dima Stopel, Clint Feher, Chanan Glezer, Yuval Shahar, Yuval Elovici |
Comments (0)
Researcher Info
|
