Referenced Items are not available for this document.
Internet worms pose a major threat to Internet infrastructure security, and their destruction causes loss of millions of dollars. Therefore, the networks must be pro-tected as much as possible to avoid losses. In this paper we propose accurate system for signature generation for Zero-day polymorphic worms. We have designed a novel double-honeynet system, which is able to detect new worms that have not been seen before. We apply Princi-pal Component Analysis (PCA) to determine the most significant substrings that are shared between po-lymorphic worm instances. The experimental results show that the PCA has successfully detected polymorphic worms with zero false positives and zero false negatives.
Published in:
GLOBECOM Workshops (GC Wkshps), 2010 IEEE
Date of Conference: 6-10 Dec. 2010
- Page(s):
- 1555 - 1560
- Print ISBN:
- 978-1-4244-8863-6
- INSPEC Accession Number:
- 11792104
- Conference Location :
- Miami, FL
- Digital Object Identifier :
- 10.1109/GLOCOMW.2010.5700200
- Product Type:
- Conference Publications
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
