Early Containment of Fast Network Worm Malware

Cited by: 0
Authors
Ahmad, Muhammad Aminu [1]
Woodhead, Steve [1]
Gan, Diane [2]
Affiliations
[1] Univ Greenwich, Internet Secur Res Lab, Dept Engn Sci, London SE18 6PF, England
[2] Univ Greenwich, Dept Comp & Informat Syst, London SE18 6PF, England
Source
2016 3RD NATIONAL FOUNDATION FOR SCIENCE AND TECHNOLOGY DEVELOPMENT CONFERENCE ON INFORMATION AND COMPUTER SCIENCE (NICS) | 2016
Keywords
Containment; worm detection; malware; cyber defence; INTRUSION DETECTION;
DOI
Not available
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
This paper presents a countermeasure mechanism for the propagation of fast network worm malware. The mechanism uses a cross-layer architecture with a detection technique at the network layer to identify worm infection and a data-link containment solution to block an identified infected host. A software prototype of the mechanism has been used to demonstrate its effectiveness. An empirical analysis of network worm propagation has been conducted to test the mechanism. The results show that the developed mechanism is effective in containing self-propagating malware with almost no false positives.
Pages: 195-201
Number of pages: 7