Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
RAID
2010
Springer
2010
Springer
Community Epidemic Detection Using Time-Correlated Anomalies
Abstract. An epidemic is malicious code running on a subset of a community, a homogeneous set of instances of an application. Syzygy is an epidemic detection framework that looks for time-correlated anomalies, i.e., divergence from a model of dynamic behavior. We show mathematically and experimentally that, by leveraging the statistical properties of a large community, Syzygy is able to detect epidemics even under adverse conditions, such as when an exploit employs both mimicry and polymorphism. This work provides a mathematical basis for Syzygy, describes our particular implementation, and tests the approach with a variety of exploits and on commodity server and desktop applications to demonstrate its effectiveness.
Real-time Traffic| Added | 30 Jan 2011 |
| Updated | 30 Jan 2011 |
| Type | Journal |
| Year | 2010 |
| Where | RAID |
| Authors | Adam J. Oliner, Ashutosh V. Kulkarni, Alex Aiken |
Comments (0)
Researcher Info
|
