• DocumentCode
    3062431
  • Title

    On the Effectiveness of multi-similarity for early detection of worms

  • Author

    He, Hui ; Hu, Mingzeng ; Zhang, HongLi ; Tang, Zhenjiang

  • Author_Institution
    Harbin Institute of Technology, China
  • fYear
    2005
  • fDate
    05-08 Dec. 2005
  • Firstpage
    229
  • Lastpage
    233
  • Abstract
    In this paper, an effective algorithm for early detection of worms is proposed. The early detection algorithm based on multi-similarity integrates the worms’ behavior attributes with their traffic distribution and detects abnormal behavior by their similarity distribution change of some attributes. Three groups of experiments are conducted to evaluate the effectiveness of the algorithm. The results show that the multi-similarity owning the specialty of higher true positive, lower false positive and false negative. It can be conclude that the algorithm can detect the worm attack ahead of its overspreading on the large-scale network.
  • Keywords
    Change detection algorithms; Computer science; Computer worms; Detection algorithms; Explosives; Helium; IP networks; Internet; Large-scale systems; Stochastic processes;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Parallel and Distributed Computing, Applications and Technologies, 2005. PDCAT 2005. Sixth International Conference on
  • Print_ISBN
    0-7695-2405-2
  • Type

    conf

  • DOI
    10.1109/PDCAT.2005.258
  • Filename
    1578903
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3062431