Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection

Kohei Tatara, Yoshiaki Hori, Kouichi Sakurai

研究成果: 著書/レポートタイプへの貢献会議での発言

2 引用 (Scopus)

抄録

The importance of the method for finding out the worms that are made through the modification of parts of their original worms increases. It is difficult to detect these worms by comparing with the simple definition that past anti-virus software adapts. Moreover, if it is not an already-known worm, it is not possible to detect it. In this paper, we pay attention to the Toth et al.'s method to extract the executable code included in the dataflows on the network and detect the attack by measuring the length of them. Then, we describe the problem of their method and how to solve it.

元の言語英語
ホスト出版物のタイトルProceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008
ページ485-489
ページ数5
DOI
出版物ステータス出版済み - 9 12 2008
イベント2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008 - Busan, 大韓民国
継続期間: 4 24 20084 26 2008

出版物シリーズ

名前Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008

その他

その他2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008
大韓民国
Busan
期間4/24/084/26/08

Fingerprint

Packet networks
Viruses

All Science Journal Classification (ASJC) codes

  • Computer Graphics and Computer-Aided Design
  • Computer Science Applications
  • Software

これを引用

Tatara, K., Hori, Y., & Sakurai, K. (2008). Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection. : Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008 (pp. 485-489). [4505774] (Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008). https://doi.org/10.1109/MUE.2008.119

Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection. / Tatara, Kohei; Hori, Yoshiaki; Sakurai, Kouichi.

Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008. 2008. p. 485-489 4505774 (Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008).

研究成果: 著書/レポートタイプへの貢献会議での発言

Tatara, K, Hori, Y & Sakurai, K 2008, Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection. : Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008., 4505774, Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008, pp. 485-489, 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008, Busan, 大韓民国, 4/24/08. https://doi.org/10.1109/MUE.2008.119
Tatara K, Hori Y, Sakurai K. Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection. : Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008. 2008. p. 485-489. 4505774. (Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008). https://doi.org/10.1109/MUE.2008.119
Tatara, Kohei ; Hori, Yoshiaki ; Sakurai, Kouichi. / Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection. Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008. 2008. pp. 485-489 (Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008).
@inproceedings{d7fd87aba87448e3a0064ec65a089b11,
title = "Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection",
abstract = "The importance of the method for finding out the worms that are made through the modification of parts of their original worms increases. It is difficult to detect these worms by comparing with the simple definition that past anti-virus software adapts. Moreover, if it is not an already-known worm, it is not possible to detect it. In this paper, we pay attention to the Toth et al.'s method to extract the executable code included in the dataflows on the network and detect the attack by measuring the length of them. Then, we describe the problem of their method and how to solve it.",
author = "Kohei Tatara and Yoshiaki Hori and Kouichi Sakurai",
year = "2008",
month = "9",
day = "12",
doi = "10.1109/MUE.2008.119",
language = "English",
isbn = "0769531342",
series = "Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008",
pages = "485--489",
booktitle = "Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008",

}

TY - GEN

T1 - Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection

AU - Tatara, Kohei

AU - Hori, Yoshiaki

AU - Sakurai, Kouichi

PY - 2008/9/12

Y1 - 2008/9/12

N2 - The importance of the method for finding out the worms that are made through the modification of parts of their original worms increases. It is difficult to detect these worms by comparing with the simple definition that past anti-virus software adapts. Moreover, if it is not an already-known worm, it is not possible to detect it. In this paper, we pay attention to the Toth et al.'s method to extract the executable code included in the dataflows on the network and detect the attack by measuring the length of them. Then, we describe the problem of their method and how to solve it.

AB - The importance of the method for finding out the worms that are made through the modification of parts of their original worms increases. It is difficult to detect these worms by comparing with the simple definition that past anti-virus software adapts. Moreover, if it is not an already-known worm, it is not possible to detect it. In this paper, we pay attention to the Toth et al.'s method to extract the executable code included in the dataflows on the network and detect the attack by measuring the length of them. Then, we describe the problem of their method and how to solve it.

UR - http://www.scopus.com/inward/record.url?scp=51249119473&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=51249119473&partnerID=8YFLogxK

U2 - 10.1109/MUE.2008.119

DO - 10.1109/MUE.2008.119

M3 - Conference contribution

AN - SCOPUS:51249119473

SN - 0769531342

SN - 9780769531342

T3 - Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008

SP - 485

EP - 489

BT - Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008

ER -