• DocumentCode
    644297
  • Title

    Automated signature extraction for high volume attacks

  • Author

    Afek, Yehuda ; Bremler-Barr, Anat ; Landau Feibish, Shir

  • Author_Institution
    Blavatnik School of Computer Sciences, Tel Aviv University, Israel
  • fYear
    2013
  • fDate
    21-22 Oct. 2013
  • Firstpage
    147
  • Lastpage
    156
  • Abstract
    We present a basic tool for zero day attack signature extraction. Given two large sets of messages, P of messages captured in the network at peacetime (i.e., mostly legitimate traffic) and A captured during attack time (i.e., contains many attack messages), we present a tool for extracting a set S of strings that are frequently found in A and not in P. Therefore, a packet containing one of the strings from S is likely to be an attack packet.
  • Keywords
    Algorithm design and analysis; Computer crime; Educational institutions; Error analysis; Frequency estimation; Indexes; Radiation detectors
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Architectures for Networking and Communications Systems (ANCS), 2013 ACM/IEEE Symposium on
  • Conference_Location
    San Jose, CA, USA
  • Print_ISBN
    978-1-4799-1640-5
  • Type

    conf

  • DOI
    10.1109/ANCS.2013.6665197
  • Filename
    6665197