Sciweavers

TON
2010

Thwarting zero-day polymorphic worms with network-level length-based signature generation

13 years 10 months ago
Thwarting zero-day polymorphic worms with network-level length-based signature generation
—It is crucial to detect zero-day polymorphic worms and to generate signatures at network gateways or honeynets so that we can prevent worms from propagating at their early phase. However, most existing network-based signatures are specific to exploit and can be easily evaded. In this paper, we propose generating vulnerability-driven signatures at network level without any host-level analysis of worm execution or vulnerable programs. As the first step, we design a network-based length-based signature generator (LESG) for the worms exploiting buffer overflow
Lanjia Wang, Zhichun Li, Yan Chen, Zhi Fu, Xing Li
Added 31 Jan 2011
Updated 31 Jan 2011
Type Journal
Year 2010
Where TON
Authors Lanjia Wang, Zhichun Li, Yan Chen, Zhi Fu, Xing Li
Comments (0)