Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IJSN
2008
2008
Syntax vs. semantics: competing approaches to dynamic network intrusion detection
: Malicious network traffic, including widespread worm activity, is a growing threat to Internet-connected networks and hosts. In this paper, we consider two competing approaches to dynamic network intrusion detection: syntax based and semantics based approaches. For the syntax driven approach, we propose two sliding window based schemes to generate potential worm signatures automatically. Since syntax based approaches cannot cope well with sophisticated polymorphic and metamorphic worms, the semantics-based approach is a better alternative. Our contribution in this work is threefold: (a) our syntax-based scheme that uses variable-length partition with multiple breakmarks can detect many polymorphic worms, (b) we believe our semantic-based prototype is the first NIDS that provides semantics-aware capability and our system is more efficient than what is reported by Christodorescu et al (2005), (c) our designed templates can capture polymorphic shellcodes with added sequences of stack an...
Real-time Traffic| Added | 12 Dec 2010 |
| Updated | 12 Dec 2010 |
| Type | Journal |
| Year | 2008 |
| Where | IJSN |
| Authors | Walter J. Scheirer, Mooi Choo Chuah |
Comments (0)
Researcher Info
|
