1 Ocak 2009 Dergi makalesi Açık Erişim

Bayoglu, Burak; Sogukpinar, Ibrahim

DataCite XML

<?xml version='1.0' encoding='utf-8'?>
<resource xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://datacite.org/schema/kernel-4" xsi:schemaLocation="http://datacite.org/schema/kernel-4 http://schema.datacite.org/meta/kernel-4.1/metadata.xsd">
  <identifier identifierType="URL">https://aperta.ulakbim.gov.tr/record/96009</identifier>
  <creators>
    <creator>
      <creatorName>Bayoglu, Burak</creatorName>
      <givenName>Burak</givenName>
      <familyName>Bayoglu</familyName>
      <affiliation>TUBITAK UEKAE, Natl Res Inst Elect &amp; Cryptol, Dept Informat Syst Secur, TR-41470 Gebze, Kocaeli, Turkey</affiliation>
    </creator>
    <creator>
      <creatorName>Sogukpinar, Ibrahim</creatorName>
      <givenName>Ibrahim</givenName>
      <familyName>Sogukpinar</familyName>
      <affiliation>Gebze Inst Technol, Dept Comp Engn, TR-41400 Gebze, Kocaeli, Turkey</affiliation>
    </creator>
  </creators>
  <titles>
    <title>Polymorphic Worm Detection Using Strong Token-Pair Signatures</title>
  </titles>
  <publisher>Aperta</publisher>
  <publicationYear>2009</publicationYear>
  <dates>
    <date dateType="Issued">2009-01-01</date>
  </dates>
  <resourceType resourceTypeGeneral="Text">Journal article</resourceType>
  <alternateIdentifiers>
    <alternateIdentifier alternateIdentifierType="url">https://aperta.ulakbim.gov.tr/record/96009</alternateIdentifier>
  </alternateIdentifiers>
  <relatedIdentifiers>
    <relatedIdentifier relatedIdentifierType="DOI" relationType="IsIdenticalTo">10.3906/elk-0905-29</relatedIdentifier>
  </relatedIdentifiers>
  <rightsList>
    <rights rightsURI="http://www.opendefinition.org/licenses/cc-by">Creative Commons Attribution</rights>
    <rights rightsURI="info:eu-repo/semantics/openAccess">Open Access</rights>
  </rightsList>
  <descriptions>
    <description descriptionType="Abstract">Malicious software has become a big threat to information systems, which, are widely used to store, transfer and process information for many critical assets. worms are one of the most harmful network-enabled malicious software that can threaten networks and applications. Two main characteristics of worms distinguish them. front the well-known virus programs and as a results are much more dangerous than the virus programs. First, they do not need to attach themselves to an existing program. Second, worms do not require end-user interaction to realize the intended attack. Therefore, a large number of victims can be infected in a short time. Polymorphic worms are a special subset of worm family which are more difficult to detect. Polymorphism is the key that facilitates creating different looking polymorphic worm copies while keeping the original worm code intact. Each variant for a polymorphic worm has a different pattern that it is not effective to use simple signature matching techniques. In this work, Strong Token-Pair(STP) signature scheme has been proposed to detect polymorphic worms. Experiemental results support that STP signatures can be used with low false negative and false positive rates.</description>
  </descriptions>
</resource>