Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection

Kohei Tatara, Yoshiaki Hori, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

The importance of the method for finding out the worms that are made through the modification of parts of their original worms increases. It is difficult to detect these worms by comparing with the simple definition that past anti-virus software adapts. Moreover, if it is not an already-known worm, it is not possible to detect it. In this paper, we pay attention to the Toth et al.'s method to extract the executable code included in the dataflows on the network and detect the attack by measuring the length of them. Then, we describe the problem of their method and how to solve it.

Original languageEnglish
Title of host publicationProceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008
Pages485-489
Number of pages5
DOIs
Publication statusPublished - Sep 12 2008
Event2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008 - Busan, Korea, Republic of
Duration: Apr 24 2008Apr 26 2008

Publication series

NameProceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008

Other

Other2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008
CountryKorea, Republic of
CityBusan
Period4/24/084/26/08

All Science Journal Classification (ASJC) codes

  • Computer Graphics and Computer-Aided Design
  • Computer Science Applications
  • Software

Fingerprint Dive into the research topics of 'Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection'. Together they form a unique fingerprint.

Cite this