A Signature-Based Approach against Polymorphic Internet Worms

1854 Words4 Pages

h Babu Battula Ram Bilash(2010UCP233)

1

CONTENTS

1. Introduction

2. Related Work

3. Design

3.1 Failure Connection Design

3.2 Signature discoverion Design

4. Results

5. Conclusion

6. References

3

1. Introduction

Internet worms present a solemn threat to todays highly

networked computing environment. Unlike other threats

viruses and trojans, worms typically scatter automatically

without active human intervention, resulting in infection

rates that are considerably higher than those of traditional

viruses.

These Active internet worms spread in an automated fash-

ion and can

ood the internet in a very short time. Anti-

virus is signature-based technology. Anti-virus compares

the structure of le to the signatures stored in its database.If

the le contain same signature, means it is infected by

worm. The anti-virus database must be updated regularly

to discover new worms.

The fast reaction times required to emphasize the need for

an automated mechanism to locally discover and control

the spread of a worm.

There are few answers to solve the worm attack. One of the

solutions to update the anti-virus for discovers the worms.

Anti-virus can not discover the worm due to its scatter-

ing speed. Also, anti-virus cant discover unknown internet

worm automatically because it doesnt hang on the worm

behavior but hang on signature to discover it.

Therefore, the anti virus cant discover most of unknown in-

ternet worm automatically, routers and rewalls after con-

gured it can block the packets by congestion signatures,

but those happen after the worm scatter.

4

Automatic perception is particularly challenging because

it is dicult to prophesy what form the next worm will

take. However, automatic percepti...

... middle of paper ...

...d G. Bakos, Using Sensor

Networks and Data Fusion for Early perception of Ac-

tive Worms, Proceedings of the SPIE AeroSense, 2003,

pp. 92104.

 S. Staniford-Chen, S. Cheung, R. Crawford, M. Dil-

ger, J. Frank,J. Hoagland, K. Levitt, C. Wee, R. Yip,

and D. Zerkle, GrIDS-a Graph Based Intrusion percep-

tion System for Large Networks, Proceedings of the

19th National Information Systems Security Confer-

ence, Oct. 1996.

 C. Zou, W. Gong, and D. Towsley, the monitoring and

Early detection of Internet Worms, ACM Trans. on

Networking, 2005.

 S. Chen and Y. Tang, Slowing Down Internet Worms,

Proceedings of 24th International Conference on Dis-

tributed Computing Systems (ICDCS'04), Tokyo, Japan,

Mar. 2004.

 X. Jiang and D. Xu, Pro ling Self-Propagating Worms

via Behavioral Footprinting, Proceedings of ACMWork-

shop on Recurring Malcode, Nov. 2006.

16

Show More
Related

  • Malware : An Anti Virus Protection Software

    726 Words  | 2 Pages

    At the Aim Higher College there have been recently discovered malware on the campus systems that are due to many recent attacks. I used an Anti-virus protection software called AVG on the computer systems on campus and ran a whole computer scan. The results came back very quick of numbers of malware being high and medium priorities that these should not be taken lightly. Furthermore, the scan found many viruses, Trojans, and malicious software and applications.

    Read More

  • Nt1330 Unit 3 Assignment 1

    642 Words  | 2 Pages

    The SIEM is a log management system where every network device, server or workstation will send their logs for storage, correlation and analysis. The analysis will provide alerts similar to the NIDS and HIDS. In addition, the log correlation could be used to help track where and when malicious activity has occurred and on what system(s) the activity was seen. The combination of the NIDS, HIDS and SIEM will provide a good array of detection for malicious users, software or unauthorized system access.

    Read More

  • An Analysis of the Nature of the SANS Institute

    1076 Words  | 3 Pages

    "SANS 2011 - Event-At-A-Glance." SANS: Computer Security Training, Network Security Research, InfoSec Resources. Web. 17 Mar. 2011. .

    Read More

  • Parsnip Web Worm

    319 Words  | 1 Pages

    Dr. May Berenbaum, an entomologist at University of Illinois, has conducted over 40 years of research on parsnips and the parsnip web worm. During her lecture on March 22nd, she explained how parsnips are invasive weeds that are full of toxic furanocoumarins. Interestingly, the parsnip webworm only eats the parsnips and is able to process the toxin very well. The interactions between the web worm and parsnips cause the parsnips to select for plants with a higher amount of furanocoumarins in order to defend themselves from the worms. When the worms are not there, i.e. in New Zealand, the parsnip plants grow taller and develop more ways to attract pollinators, and they do not put energy into having as many furanocoumarins

    Read More

  • Aim Higher College: A Case Study

    741 Words  | 2 Pages

    The Aim Higher College’s system administrators and network engineers have described seeing some strange behaviors such as high levels of traffic from many hosts that are causing system outages. The web servers of the college have been shutting down frequently by this traffic, it must be from a hacker group trying to attack the school with malicious software. I will review the network traffic from the college’s intrusion detection system and use an intrusion prevention system to block off these threats from the hackers.

    Read More

  • Security Risk Management SRM and Auditing

    1032 Words  | 3 Pages

    Security is a wide concept, it is a separated subject with its own theories, "which focus on the process of attack and on preventing, detecting and recovering from attacks" (William 1996). Certainly, these processes should be well organized in coping with the complex system issues. A coherent approach should be taken, which builds on established security standards, procedu...

    Read More

  • Intrusion Detection Systems

    1596 Words  | 4 Pages

    In 1980, James Anderson’s paper, Computer Security Threat Monitoring and Surveillance, bore the notion of intrusion detection. Through government funding and serious corporate interest allowed for intrusion detection systems(IDS) to develope into their current state. So what exactly is IDS? An IDS is used to detect malicious network traffic and computer usage through attack signatures. The IDS watches for attacks not only from incoming internet traffic but also for attacks that originate in the system. When a potential attack is detected the IDS logs the information and sends an alert to the console. How the alert is detected and handled at is dependent on the type of IDS in place. Through this paper we will discuss the different types of IDS and how they detect and handle the alerts, the difference between a passive and a reactive system and some general IDS intrusion invasion techniques.

    Read More

  • The Denial Of Service Attack (Dos)

    324 Words  | 1 Pages

    The Denial of Service attack (DoS), in this attack, the attacker does not actually access the system, but rather simply blocks access from legitimate users. In the words of the CERT (Computer Emergency Response Team) Coordination Center (the first computer security incident response team), “A ‘Denial-of-Service’ attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service” (CERT, 2003). One often-used blocking method is flooding the targeted system with so many false connection requests that it cannot respond to legitimate requests. DoS is an extremely common attack method, second only to malware. (Easttom, 2014)

    Read More

  • Information Security Essay

    1838 Words  | 4 Pages

    This is the information age. There are financial and corporate information, research and analysis, trends have lead the trend and military intelligence. Information classified as confidential, sensitive and critical. There are gleaning information extraction and automated tools. There are management solutions, such as content management, knowledge management and document management, information management collected for. There are different mechanisms for storing information storage. Finally, information security, there are tools and techniques. In this paper, three important types of security information we need to discuss, such as security information from hackers, during transit to ensure that information and the protection of information stored in the system can be lost or stolen. Finally, a brief about wireless security has been described here. The Internet has become the information superhighway. Evolving Internet and related technologies have allowed companies to communicate in new ways with all types of people and strategic organization. Over the years, there have been increased after the distinctive features of Internet connection. As needs change, the more powerful the service of humanity encountered, faster connections, and what can be done in the need for more flexibility. Initially, the service, such as a simple POP3-based email and Web access is the extent of an Internet connection. Today, we have a site-to-site virtual private network (VPN), clients and home users VPN, streaming media, Web-based training, wonderful Internet applications, e-commerce, and business-to-business extranet. Therefore, the development of the Internet to meet the needs of a variety of advanced human society. On the home front, fr...

    Read More

  • Botnets

    1101 Words  | 3 Pages

    In this paper we are going to tell you about Botnets. We are going to tell you what botnets are and what they are used for. There are a couple of differed participants in this case, the people controlling the botnets and the people that the botnets are affecting. In this paper we also look at different moral principles and how they affect the way botnets are looked at. One of the moral principles we look at is Absolute moral principles. People with absolute moral principles look at things as they are either right or wrong, Black or White. There are no in-betweens with people who have these morals, there is no gray area. When some people look at botnets think that they are totally wrong and should be wiped out. The other moral principle that we looked at were relative moral principles. People with these moral principles tend to look at thing as if they are right a in certain cases and wrong in others. People with moral principle tend to look at botnets as sometimes good and sometimes bad.

    Read More

  • Network Security Monitoring Tools

    877 Words  | 2 Pages

    Due to their complexity and importance to information security, two security systems, Network Intrusion Detection/Prevention Systems (NIDPS) and Security Information and Event Management systems (SIEM), will be explored in this paper. Both have multiple functionalities, including threat-detecting capabilities, and are widely considered essential tools for adequate network defense, particularly in the goal of fortifying valuable assets in the face of an advanced threat. Understanding these systems is vital for any security operation tasked with defending significant networks.

    Read More

  • Hackers and the Internet

    1370 Words  | 3 Pages

    Hackers and the Internet Internet Security covers a broad list of topics. I have chosen to cover hackers and their history. I will go through who hackers are and how we define hackers. I will also cover the history of how hackers got started. This was a very interesting topic and may surprise a lot of people who have had misconceptions about what hackers do due to how the are covered by the media.

    Read More

  • Protecting Against Malware Essay

    2372 Words  | 5 Pages

    “ Prevention is better than cure ”, if computer users are aware of Malware attacks, they may prevent those attacks . So, in this research paper i am going to focus on Malware and Protecting Against Malware.

    Read More

  • CyberCrime: Preventing the Horrific Crimes on the Internet

    1424 Words  | 3 Pages

    In today's society, many aspects of crime committed on a regular basis. Civilians take advantage of people all the time using online resources such as a fraudulent website requiring credit card information to get a free monthly trial. Other examples of cyber crimes are online chatting website, full of predators or websites needing a downloadable program that contains a hacking virus. Sadly, there are many cases of cyber crime all over the internet. The acts of cyber crimes are considered violent acts like any other. Every day citizens are constantly losing money and being victimized due to these fraudulent activities. Cyber crime, including fraud, identity theft, stalking, and hacking, is a growing problem which can be prevented by taking the proper precautions.

    Read More

  • Protect Yourself Online

    1685 Words  | 4 Pages

    The book is structured into four parts: Part 1 discusses the fundamentals of Internet security and privacy, Part 2 specializes in privacy while on the World Wide Web, Part 3’s topics are e-mail security and privacy, and Part 4 discusses the ways in which to secure a computer. Following the structure of the book, I will review and summarize the most important aspects of the parts and chapters in chronological order.

    Read More

More about A Signature-Based Approach against Polymorphic Internet Worms

Open Document