• DocumentCode
    428864
  • Title

    Worm detection using CPN

  • Author

    Peishun, Liu ; Jianbo, Wang ; Dake, He

  • Author_Institution
    Sch. of Comput. & Commun. Eng., Southwest Jiaotong Univ., Sichuan, China
  • Volume
    5
  • fYear
    2004
  • fDate
    10-13 Oct. 2004
  • Firstpage
    4941
  • Abstract
    We use a combination of techniques from the behavior monitors and colored Petri net to detecting virus and worms. The malicious behavior is represented as Petri net and the notions of initial states and final state are used to define matching in this model. We generalize the model to deal with polymorphism of worms. However, it may generate many false alarms from normal activity. To solve this problem study mechanism is introduced into our model. The chief advantage of properly implementing our model is that it works for all worms - the ones that have been known currently and the ones yet to be discovered.
  • Keywords
    Petri nets; graph colouring; invasive software; colored Petri net; study mechanism; worm detection; Computer viruses; Computer worms; Computerized monitoring; History; Internet; Intrusion detection; Pattern matching; Power system modeling; Security; Viruses (medical);
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Systems, Man and Cybernetics, 2004 IEEE International Conference on
  • ISSN
    1062-922X
  • Print_ISBN
    0-7803-8566-7
  • Type

    conf

  • DOI
    10.1109/ICSMC.2004.1401314
  • Filename
    1401314
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=428864