The Design and Testing of Automated Signature Generation Engine for Worms Detection

Authors: Sijung Kim, Geuk Lee, Bonghan Kim

DOI: 10.1007/978-3-540-72830-6_101

Abstract: We have proposed an automated signature generation engine for unknown attack detection. For this proposal, we studied divided into header field and payload field. Especially, in field, agent which can be presented by using Suffix tree, Longest Common Subsequence (LCSeq) among them is used to generate new automatically. Through the test, Snort generated are compared evaluated.
