English  |  正體中文  |  简体中文  |  Items with full text/Total items : 69561/69561 (100%)
Visitors : 23267447      Online Users : 304
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/29647


    Title: A rough set approach for automatic key attributes identification of zero-day polymorphic worms
    Authors: Sun,WC;Chen,YM
    Contributors: 資訊管理研究所
    Keywords: KNOWLEDGE
    Date: 2009
    Issue Date: 2010-06-29 20:37:17 (UTC+8)
    Publisher: 中央大學
    Abstract: In recent years, given their rapid propagations, Internet worms increasingly threaten the Internet hosts and services. It's worsen by the fact that zero-day polymorphic worms, which can change their patterns dynamically, would evade most existing intrusion detection systems which depend on some signature generating approach. In this paper, we propose a novel rough set worm detection (RSWD) scheme which extends well developed rough set theory (RST) to detect zero-day polymorphic worms and provide a minimum set of filtering rules to network barrier equipments, such as firewall, to block worm spreading. The RSWD scheme is based on an assumption that, for a polymorphic worm, all attack packets are generated from some specific worm program and attack the same vulnerability of the victim hosts, therefore some patterns exist even the polymorphic engine mutates dynamically and frequently. Our simulations show that, in a class B network containing a new polymorphic worm which can not be recognized by any known signature, the RSWD module could detect the worm propagation within 17 s and produce a precise blocking rule exhibiting 100% true positive rate and 99.82% accuracy rate. (C) 2008 Elsevier Ltd. All rights reserved.
    Relation: EXPERT SYSTEMS WITH APPLICATIONS
    Appears in Collections:[資訊管理研究所] 期刊論文

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML596View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback  - 隱私權政策聲明