Dergi makalesi Açık Erişim
Bayoglu, Burak; Sogukpinar, Ibrahim
Malicious software has become a big threat to information systems, which, are widely used to store, transfer and process information for many critical assets. worms are one of the most harmful network-enabled malicious software that can threaten networks and applications. Two main characteristics of worms distinguish them. front the well-known virus programs and as a results are much more dangerous than the virus programs. First, they do not need to attach themselves to an existing program. Second, worms do not require end-user interaction to realize the intended attack. Therefore, a large number of victims can be infected in a short time. Polymorphic worms are a special subset of worm family which are more difficult to detect. Polymorphism is the key that facilitates creating different looking polymorphic worm copies while keeping the original worm code intact. Each variant for a polymorphic worm has a different pattern that it is not effective to use simple signature matching techniques. In this work, Strong Token-Pair(STP) signature scheme has been proposed to detect polymorphic worms. Experiemental results support that STP signatures can be used with low false negative and false positive rates.
| Dosya adı | Boyutu | |
|---|---|---|
|
10-3906-elk-0905-29.pdf
md5:5142bc324e8d1b73adb814eaeb6d5b18 |
482.9 kB | İndir |
| Görüntülenme | 31 |
| İndirme | 25 |
| Veri hacmi | 12.1 MB |
| Tekil görüntülenme | 31 |
| Tekil indirme | 23 |