A Signature-Based Approach against Polymorphic Internet Worms

1854 Words4 Pages

h Babu Battula Ram Bilash(2010UCP233)

1

CONTENTS

1. Introduction

2. Related Work

3. Design

3.1 Failure Connection Design

3.2 Signature discoverion Design

4. Results

5. Conclusion

6. References

3

1. Introduction

Internet worms present a solemn threat to todays highly

networked computing environment. Unlike other threats

viruses and trojans, worms typically scatter automatically

without active human intervention, resulting in infection

rates that are considerably higher than those of traditional

viruses.

These Active internet worms spread in an automated fash-

ion and can

ood the internet in a very short time. Anti-

virus is signature-based technology. Anti-virus compares

the structure of le to the signatures stored in its database.If

the le contain same signature, means it is infected by

worm. The anti-virus database must be updated regularly

to discover new worms.

The fast reaction times required to emphasize the need for

an automated mechanism to locally discover and control

the spread of a worm.

There are few answers to solve the worm attack. One of the

solutions to update the anti-virus for discovers the worms.

Anti-virus can not discover the worm due to its scatter-

ing speed. Also, anti-virus cant discover unknown internet

worm automatically because it doesnt hang on the worm

behavior but hang on signature to discover it.

Therefore, the anti virus cant discover most of unknown in-

ternet worm automatically, routers and rewalls after con-

gured it can block the packets by congestion signatures,

but those happen after the worm scatter.

4

Automatic perception is particularly challenging because

it is dicult to prophesy what form the next worm will

take. However, automatic percepti...

... middle of paper ...

...d G. Bakos, Using Sensor

Networks and Data Fusion for Early perception of Ac-

tive Worms, Proceedings of the SPIE AeroSense, 2003,

pp. 92104.

 S. Staniford-Chen, S. Cheung, R. Crawford, M. Dil-

ger, J. Frank,J. Hoagland, K. Levitt, C. Wee, R. Yip,

and D. Zerkle, GrIDS-a Graph Based Intrusion percep-

tion System for Large Networks, Proceedings of the

19th National Information Systems Security Confer-

ence, Oct. 1996.

 C. Zou, W. Gong, and D. Towsley, the monitoring and

Early detection of Internet Worms, ACM Trans. on

Networking, 2005.

 S. Chen and Y. Tang, Slowing Down Internet Worms,

Proceedings of 24th International Conference on Dis-

tributed Computing Systems (ICDCS'04), Tokyo, Japan,

Mar. 2004.

 X. Jiang and D. Xu, Pro ling Self-Propagating Worms

via Behavioral Footprinting, Proceedings of ACMWork-

shop on Recurring Malcode, Nov. 2006.

16

More about A Signature-Based Approach against Polymorphic Internet Worms

Open Document