Internet Threat Detection, Prediction and Relevant Reaction System for Pattern-freeWorm

With the development of Internet technology, the popularity of the malicious threat has grown beyond our imagination. The emergence of intelligent, sophisticated attack techniques makes the Internet services more vulnerable than ever, which become an important business technology in e-commerce. Many techniques have been proposed to detect (Zou et al., 2003; Lakhina and Diot, 2005; and Krishnamurthy et al., 2003), predict (Kai-Gui Wu, 2006 and Songjie Wei and Kirkovic, 2005) and react (Castaneda and Xuy, 2004 and Williamson, 2002) the malicious worm traffic, yet have limitations. In this paper, we proposed Internet threat detection, prediction and relevant reaction system for pattern-free worm. Our proposed system allows the system to detect, predict, react using grouping traffic characteristics. According to the proposed system, traffic factors generated by respective worms using k-means algorithms are grouped into N groups so that a great of Information may be effectively understood and a worm generated afterward is involved with characteristics of relevant group using cosine similarity for prediction and reaction.