• DocumentCode
    1566538
  • Title

    Detection of Malcodes by Packet Classification

  • Author

    Ahmed, Irfan ; Lhee, Kyung-Suk

  • Author_Institution
    Grad. Sch. of Inf. & Commun., Ajou Univ., Ajou
  • fYear
    2008
  • Firstpage
    1028
  • Lastpage
    1035
  • Abstract
    In this paper, we propose an anomaly detection approach that classifies packets into code-type and data-type. Our objective is to detect a packet containing codes flowing into a network port, which normally expects data packets only. The proposed approach can detect potentially malicious packets such as worms, viruses, and shellcodes. We propose a time-efficient algorithm and show the results of our initial experiments.
  • Keywords
    security of data; anomaly detection approach; malcode detection; packet classification; Availability; Communication system security; Data security; Face detection; Frequency; Information analysis; Information security; Intrusion detection; Payloads; Viruses (medical);
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security, 2008. ARES 08. Third International Conference on
  • Conference_Location
    Barcelona
  • Print_ISBN
    978-0-7695-3102-1
  • Type

    conf

  • DOI
    10.1109/ARES.2008.100
  • Filename
    4529457
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1566538