  • DocumentCode
    2256351
  • Title
    Simple security using flow data
  • Author
    Futamura, Kenichi

  • Author_Institution
    AT&T Labs., AT&T, Inc., Middletown, NJ, USA
  • fYear
    2009
  • fDate
    1-2 May 2009
  • Firstpage
    1
  • Lastpage
    4
  • Abstract
    Malware attacks cause billions of dollars in economic damage worldwide yearly, and attackers are becoming smarter. We examine techniques for detecting worm propagation in a network using flow-level data. While worm exploits may be difficult to detect due to the wide range of payloads, the propagation phase of a worm is generally much easier to recognize. We examine this step and present one simple method for detecting network worms with no previously known signatures.
  • Keywords
    Internet; invasive software; telecommunication security; telecommunication traffic; Internet; economic damage; flow data security; malware attack; network worm propagation detection; traffic stream; Computer worms; Data security; Information security; Internet; Monitoring; Payloads; Phase detection; Probes; Sockets; TCPIP; botnet; flow; intrusion; propagation; security; worm;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Wireless and Optical Communications Conference, 2009. WOCC 2009. 18th Annual
  • Conference_Location
    Newark, NJ
  • Print_ISBN
    978-1-4244-5217-0
  • Type
    conf
  • DOI
    10.1109/WOCC.2009.5312784
  • Filename
    5312784