• DocumentCode
    3322781
  • Title
    Framework for Integrated Proactive Network Worm Detection and Response
  • Author
    Kotenko, Igor
  • Author_Institution
    Comput. Security Res. Group, St.Petersburg Inst. for Inf. & Autom., St. Petersburg
  • fYear
    2009
  • fDate
    18-20 Feb. 2009
  • Firstpage
    379
  • Lastpage
    386
  • Abstract
    The paper considers an integrated proactive framework for defense against network worms spreading on the Internet. The framework is intended for network worm detection (by recognizing the scanning of network hosts) and containment of worm spreading (by limiting and blocking the packets transmitted by infected hosts). The framework is based on the application of different heuristic detection and response mechanisms, their combination, and their automatic dynamic adaptation to current network conditions. The paper describes the software system for simulation and evaluation of the investigated defense mechanisms against spreading network worms, and the results of experiments on detection and containment of network worms.
  • Keywords
    Internet; invasive software; Internet; automatic dynamic adaptation; heuristic detection; integrated proactive framework; network security; network worm detection; software system; Automation; Computer security; Computer worms; Electronic mail; Event detection; Informatics; Network servers; Protection; Telecommunication traffic; Tree graphs; adaptation; network security; network worms; simulation; worm detection and containment;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Parallel, Distributed and Network-based Processing, 2009 17th Euromicro International Conference on
  • Conference_Location
    Weimar
  • ISSN
    1066-6192
  • Print_ISBN
    978-0-7695-3544-9
  • Type
    conf
  • DOI
    10.1109/PDP.2009.52
  • Filename
    4912957