Sunday, April 18, 2021 3:53:09 PM

Defense And Detection Strategies Against Internet Worms Pdf

Published: 18.04.2021

Worms have been a real threat to computer users for the past few years. They are more prevalent today than ever before, and both home users and system administrators need to be on the alert to protect their networks or companies against attacks.

Understanding Worms, Their Behaviour and Containing Them

The network forensic analysis process involves preparation, collection, preservation, examination, analysis, investigation and presentation phases. The proposed system addresses the major challenges in the collection, examination and analysis processes. The model covers collecting network data, identifying suspicious packets, examining the protocol features misused, and validating the attack.

This model has been built with specific reference to security attacks on the ICMP protocol and enables forensic experts to analyze the marked suspicious network traffic, thus facilitating cost-effective storage and faster analysis of high-bandwidth traffic.

The ICMP attacks initiated by worms can be detected using this system. The ability of worms to spread at rates that effectively preclude human-directed reaction has elevated them to a first-class security threat to distributed systems. Worm detection has therefore become a vital part of intrusion detection systems.

A reaction mechanism that seeks to automatically patch vulnerable software is also proposed. This system employs a collection of sensors that detect and capture potential worm infection vectors.

The size of the log file generated by the different sensors used for detecting worm infection vectors can be efficiently reduced by the forensic architecture. It automatically tests the effects of these vectors on appropriately instrumented, sandboxed instances of the targeted application, trying to identify the exploited software weakness. Network forensics relates to the monitoring and analysis of computer network traffic for the purpose of information gathering, legal evidence or intrusion detection.

International Conference on Network Security and Applications. Conference paper.

Defense and Detection Strategies against Internet Worms

By author: Jose Nazario.

A computer worm is a standalone malware program that replicates itself in order to spread to other computers. It uses an infected machine as a host to scan for and infect other computers. When these newly infected computers are under its control, the worm continues to scan and infect further computers using them as hosts, and this behaviour continues. Many worms are designed only to spread, and do not attempt to change the systems they pass through. However, as the Morris worm and Mydoom showed, even these "payload-free" worms can cause major disruption by increasing network traffic and through other unintended effects.

Description: This is the first book focused exclusively on Internet worms, offering you solid worm detection and mitigation strategies for your work in the field.


Reverse Engineering: EDOWA Worm Analysis and Classification

The scope of this research is computer worm detection. A computer worm has been defined as a process that can cause a possibly evolved copy of itself to execute on a remote computer. It does not require human intervention to propagate, nor does it attach itself to an existing computer file. It spreads very rapidly. Modern computer worm authors obfuscate their code to make the worm difficult to detect.

Defense Strategy against Network Worms Causing ICMP Attacks and Its Forensic Analysis

Farhan Syed , farhans cse.

2 Comments

  1. Jennifer F.

    23.04.2021 at 18:07

    Nazario, Jose. Defense and detection strategies against Internet worms. http://nazarethsr.org

  2. Zara J.

    24.04.2021 at 13:42

    Semantic Scholar extracted view of "Defense and Detection Strategies against Internet Worms" by J. Nazario.
