A Novel Signature Generation Approach for Polymorphic Worms

Authors: Jie Wang, Xiaoxian He

DOI: 10.1007/978-3-319-27137-8_28

Abstract: Because of complex polymorphism in worms and the disturbance of crafted noises, it becomes more difficult to generate signatures quickly and accurately. This paper proposes a neighbor relation signature (NRS) for polymorphic worms, which is a collection of distance frequency distributions between byte. Moreover, we propose a generation algorithm (NRS-CC) by combining NRS and the color coding technique. NRS-CC selects sequences randomly from suspicious flow pool signatures, then uses technique to get rid of noise disturbance. Extensive experiments are carried out to demonstrate the validity of our approach. The experiment results show that approach can compared with existing approaches when contains sequences.
