Title :
Worm detection using CPN
Author :
Peishun, Liu ; Jianbo, Wang ; Dake, He
Author_Institution :
Sch. of Comput. & Commun. Eng., Southwest Jiaotong Univ., Sichuan, China
Abstract :
We use a combination of techniques from the behavior monitors and colored Petri net to detecting virus and worms. The malicious behavior is represented as Petri net and the notions of initial states and final state are used to define matching in this model. We generalize the model to deal with polymorphism of worms. However, it may generate many false alarms from normal activity. To solve this problem study mechanism is introduced into our model. The chief advantage of properly implementing our model is that it works for all worms - the ones that have been known currently and the ones yet to be discovered.
Keywords :
Petri nets; graph colouring; invasive software; colored Petri net; study mechanism; worm detection; Computer viruses; Computer worms; Computerized monitoring; History; Internet; Intrusion detection; Pattern matching; Power system modeling; Security; Viruses (medical);
Conference_Titel :
Systems, Man and Cybernetics, 2004 IEEE International Conference on
Print_ISBN :
0-7803-8566-7
DOI :
10.1109/ICSMC.2004.1401314
