• DocumentCode
    572899
  • Title

    Worm detection and containment in local networks

  • Author

    Zheng, Hong ; Lifa, Wu ; Huabo, Li ; Fan, Pan

  • Author_Institution
    Inst. of Command Autom., PLA Univ. of Sci. & Technol., Nanjing, China
  • fYear
    2012
  • fDate
    24-26 Aug. 2012
  • Firstpage
    595
  • Lastpage
    598
  • Abstract
    To curb worm spread, it is vital to detect worms in time and restrict the victims´ network behavior effectively. A worm detection and containment system for local networks is proposed. Normal service requests are characterized with the self-set, which is applied to monitor for suspicious service requests. The system correlates the suspicious service requests in the form of binary trees, and binary trees´ anomaly values are monitored for worm attacks. Possible worm victims are determined from the binary trees. Based on the self-set, the worm victims´ normal traffic is permitted while their worm activities are strictly contained. Experiments show the system contains worms effectively, and the detrimental effect of the system´s deployment on normal network traffic is negligible.
  • Keywords
    computer network security; invasive software; binary trees; containment system; local networks; normal network traffic; normal service requests; suspicious service requests; worm attacks; worm detection; worm victims; Grippers; Zinc; binary tree; network security; worm; worm containment strategy;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Science and Information Processing (CSIP), 2012 International Conference on
  • Conference_Location
    Xi´an, Shaanxi
  • Print_ISBN
    978-1-4673-1410-7
  • Type

    conf

  • DOI
    10.1109/CSIP.2012.6308924
  • Filename
    6308924
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=572899