Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection

Kohei Tatara, Yoshiaki Hori, Kouichi Sakurai

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

2 被引用数 (Scopus)

抄録

The importance of the method for finding out the worms that are made through the modification of parts of their original worms increases. It is difficult to detect these worms by comparing with the simple definition that past anti-virus software adapts. Moreover, if it is not an already-known worm, it is not possible to detect it. In this paper, we pay attention to the Toth et al.'s method to extract the executable code included in the dataflows on the network and detect the attack by measuring the length of them. Then, we describe the problem of their method and how to solve it.

本文言語英語
ホスト出版物のタイトルProceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008
ページ485-489
ページ数5
DOI
出版ステータス出版済み - 9 12 2008
イベント2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008 - Busan, 大韓民国
継続期間: 4 24 20084 26 2008

出版物シリーズ

名前Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008

その他

その他2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008
Country大韓民国
CityBusan
Period4/24/084/26/08

All Science Journal Classification (ASJC) codes

  • Computer Graphics and Computer-Aided Design
  • Computer Science Applications
  • Software

フィンガープリント 「Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル