Hierarchical Network Signature Clustering and Generation

被引:0
作者
Choi, Sunoh [1 ]
Lee, Jooyoung [1 ]
Choi, Yangseo [1 ]
Kim, Jonghyun [1 ]
Kim, Ikkyun [1 ]
机构
[1] Elect & Telecommun Res Inst, Network Secur Res Grp, Daejeon, South Korea
来源
2016 INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGY CONVERGENCE (ICTC 2016): TOWARDS SMARTER HYPER-CONNECTED WORLD | 2016年
关键词
Network Signature; Clustering; Signature Generation;
D O I
暂无
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
Nowadays we face a lot of malware. When we access web sites, they are secretly downloaded by drive-by-download and when we receive emails, the attached files contain malware. The malware cause a lot of damage to the infected hosts and networks. So, detecting malware is very important. However, recent malware are made not to be detected by an Intrusion Detection System (IDS). In order to prevent this problem, it is very crucial to generate new signatures fast when new malware are discovered. This paper proposes a method to make a hierarchical signature cluster tree from the existing network signatures and suggests a scheme to make new signatures fast by comparing with the hierarchical signature cluster tree when new malware are discovered.
引用
收藏
页码:1191 / 1193
页数:3
相关论文
共 7 条
  • [1] [Anonymous], FIRMA MALWARE CLUSTE
  • [2] Kim H., 2004, Autograph: Toward Automated, Distributed Worm Signature Detection, SSYM'04
  • [3] Kreibich C, 2003, HONEYCOMB CREATING I
  • [4] Li Z., 2006, Hamsa: Fast Signature Generation for Zero-day PolymorphicWorms with Provable Attack Resilience, SP 2006
  • [5] Newsome J., 2005, POLYGRAPH AUTOMATICA
  • [6] Perdisci R., 2010, BEHAV CLUSTERING HTT, V10
  • [7] Singh S, 2004, AUTOMATED WORK FINGE
1