Avijit Mondal, Subrata Paul, A. Mitra, Biswajit Gope
{"title":"Automated signature generation for polymorphic worms using substrings extraction and principal component analysis","authors":"Avijit Mondal, Subrata Paul, A. Mitra, Biswajit Gope","doi":"10.1109/ICCIC.2015.7435724","DOIUrl":null,"url":null,"abstract":"Internet Security system has been largely threatened due to increase in Internet Worms at an alarming rate. Intrusion Detection System signature has been manually generated by security experts during their study on the network status after the release of a new worm. But it can take place after a significant loss of assets. In this research work, we are proposing an automatic method which will generate signature for detection of polymorphic worms. We will be applying Principal Component Analysis (PCA) for determining the important substrings that appears mostly and are pooled amongst the instances of polymorphic worms for using them as signatures. The results generated show the successful detection of polymorphic worms using zero false positives and low false negatives by the PCA.","PeriodicalId":276894,"journal":{"name":"2015 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCIC.2015.7435724","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
Internet Security system has been largely threatened due to increase in Internet Worms at an alarming rate. Intrusion Detection System signature has been manually generated by security experts during their study on the network status after the release of a new worm. But it can take place after a significant loss of assets. In this research work, we are proposing an automatic method which will generate signature for detection of polymorphic worms. We will be applying Principal Component Analysis (PCA) for determining the important substrings that appears mostly and are pooled amongst the instances of polymorphic worms for using them as signatures. The results generated show the successful detection of polymorphic worms using zero false positives and low false negatives by the PCA.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
