DocumentCode :
644297
Title :
Automated signature extraction for high volume attacks
Author :
Afek, Yehuda ; Bremler-Barr, Anat ; Landau Feibish, Shir
Author_Institution :
Blavatnik School of Computer Sciences, Tel Aviv University, Israel
fYear :
2013
fDate :
21-22 Oct. 2013
Firstpage :
147
Lastpage :
156
Abstract :
We present a basic tool for zero day attack signature extraction. Given two large sets of messages, P of messages captured in the network at peacetime (i.e., mostly legitimate traffic) and A captured during attack time (i.e., contains many attack messages), we present a tool for extracting a set S of strings that are frequently found in A and not in P. Therefore, a packet containing one of the strings from S is likely to be an attack packet.
Keywords :
Algorithm design and analysis; Computer crime; Educational institutions; Error analysis; Frequency estimation; Indexes; Radiation detectors;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Architectures for Networking and Communications Systems (ANCS), 2013 ACM/IEEE Symposium on
Conference_Location :
San Jose, CA, USA
Print_ISBN :
978-1-4799-1640-5
Type :
conf
DOI :
10.1109/ANCS.2013.6665197
Filename :
6665197