Title :
A hardware-accelerated system for real-time worm detection
Author :
Madhusudan, Bharath ; Lockwood, John W.
Author_Institution :
Washington Univ., St. Louis, MO, USA
Abstract :
Internet worms work by exploiting vulnerabilities in operating systems and application software that run on end systems. The attacks compromise security and degrade network performance. They cause large economic losses for businesses, in terms of system downtime and lost worker productivity. This article presents the design and implementation of a system that automatically detects new worms in real time by monitoring all traffic on a network. The system uses field-programmable gate arrays (FPGAs) to scan packets for patterns of similar content and can automatically detect the outbreak of a new Internet worm. It instantly reports frequently occurring strings in packet payloads as likely signatures of the malicious software (malware).
Keywords :
Internet; computer network management; field programmable gate arrays; invasive software; real-time systems; telecommunication traffic; FPGAs; Internet worm; field-programmable gate arrays; hardware-accelerated system; malicious software; malware; network traffic monitoring; real-time systems; Application software; Computer worms; Computerized monitoring; Degradation; Field programmable gate arrays; Internet; Operating systems; Productivity; Real time systems; Telecommunication traffic;
Journal_Title :
Micro, IEEE
