h Babu Battula Ram Bilash(2010UCP233)
CONTENTS
1. Introduction
2. Related Work
3. Design
3.1 Failure Connection Design
3.2 Signature Discovery Design
4. Results
5. Conclusion
6. References
1. Introduction
Internet worms present a serious threat to today's highly networked computing environment. Unlike other threats such as viruses and trojans, worms typically spread automatically without active human intervention, resulting in infection rates that are considerably higher than those of traditional viruses.
These active Internet worms spread in an automated fashion and can flood the Internet in a very short time. Anti-virus is a signature-based technology: it compares the structure of a file to the signatures stored in its database. If the file contains the same signature, it is infected by a worm. The anti-virus database must be updated regularly to discover new worms.
The fast reaction times required emphasize the need for an automated mechanism to locally discover and control the spread of a worm.
There are few answers to the worm attack. One solution is to update the anti-virus so that it discovers the worms. Anti-virus cannot discover the worm due to its spreading speed. Also, anti-virus can't discover an unknown Internet worm automatically because it does not depend on the worm's behavior but on a signature to discover it.
Therefore, anti-virus can't discover most unknown Internet worms automatically. Routers and firewalls, once configured, can block packets by congestion signatures, but that happens after the worm has spread.
Automatic perception is particularly challenging because it is difficult to predict what form the next worm will take. However, automatic percepti...
... middle of paper ...
The SIEM is a log management system where every network device, server or workstation will send their logs for storage, correlation and analysis. The analysis will provide alerts similar to the NIDS and HIDS. In addition, the log correlation could be used to help track where and when malicious activity has occurred and on what system(s) the activity was seen. The combination of the NIDS, HIDS and SIEM will provide a good array of detection for malicious users, software or unauthorized system access.
Dr. May Berenbaum, an entomologist at University of Illinois, has conducted over 40 years of research on parsnips and the parsnip web worm. During her lecture on March 22nd, she explained how parsnips are invasive weeds that are full of toxic furanocoumarins. Interestingly, the parsnip webworm only eats the parsnips and is able to process the toxin very well. The interactions between the web worm and parsnips cause the parsnips to select for plants with a higher amount of furanocoumarins in order to defend themselves from the worms. When the worms are not there, i.e. in New Zealand, the parsnip plants grow taller and develop more ways to attract pollinators, and they do not put energy into having as many furanocoumarins
The Aim Higher College’s system administrators and network engineers have described seeing some strange behaviors such as high levels of traffic from many hosts that are causing system outages. The web servers of the college have been shut down frequently by this traffic; it must be from a hacker group trying to attack the school with malicious software. I will review the network traffic from the college’s intrusion detection system and use an intrusion prevention system to block off these threats from the hackers.
"SANS 2011 - Event-At-A-Glance." SANS: Computer Security Training, Network Security Research, InfoSec Resources. Web. 17 Mar. 2011.
Imagine this; you are sitting at your desk looking at a bunch of pictures. Just a normal scene, what could go wrong? Suddenly, you’re attacked by deadly things that are trying to steal your personal information like your credit card numbers, email address, all your passwords, everything. Could this be the work of ninjas? No (bet that is what you first thought though). What about the FBI? No. Then what was it? It was a virus. If you hadn’t figured it out by now, you were looking at pictures online using Google images (for all you Bing fans, I’m sorry but Google is much better). You were downloading pictures from Google and one of them happened to contain a virus and it was downloaded with one of the pictures. How do I know this is a virus? The answer is that I don’t. I didn’t give enough symptoms to diagnose this. To the pros at hacking and security, you may know that viruses are not the only threat. If you are new to the world of computers, you might not. The three types of malware that will try to harm your PC or your data in any way are Trojans, worms, and the most famous, viruses. These three are very different and all are terrible for you and your PC.
Security is a wide concept, it is a separated subject with its own theories, "which focus on the process of attack and on preventing, detecting and recovering from attacks" (William 1996). Certainly, these processes should be well organized in coping with the complex system issues. A coherent approach should be taken, which builds on established security standards, procedu...
...at proposed a new Worm Interaction Model which is based upon and extending beyond the epidemic model focusing on random-scan worm interactions. It proposes a new set of metrics to quantify effectiveness of one worm terminating other worm and validate worm interaction model using simulations. This paper also provides the first work to characterize and investigate worm interactions of random-scan worms in multi-hop networks (Tanachaiwiwa and Helmy, 2007). For the best possible solution against cyber attack, researchers use Mathematical modeling as a tool to understand and identify the problems of cyber war (Chilachava and Kereselidze, 2009). Such kind of modeling is supposed to help in better understanding of the problem, but to allow such models to be practically workable, it is extremely important to provide a quantitative interface to the problem through the model.
In a Denial of Service (DoS) attack, the attacker does not actually access the system, but rather simply blocks access from legitimate users. In the words of the CERT (Computer Emergency Response Team) Coordination Center (the first computer security incident response team), “A ‘Denial-of-Service’ attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service” (CERT, 2003). One often-used blocking method is flooding the targeted system with so many false connection requests that it cannot respond to legitimate requests. DoS is an extremely common attack method, second only to malware. (Easttom, 2014)
In this paper we are going to tell you about botnets. We are going to tell you what botnets are and what they are used for. There are a couple of different participants in this case: the people controlling the botnets and the people that the botnets are affecting. In this paper we also look at different moral principles and how they affect the way botnets are looked at. One of the moral principles we look at is absolute moral principles. People with absolute moral principles look at things as either right or wrong, black or white. There are no in-betweens with people who have these morals; there is no gray area. When some people look at botnets, they think that they are totally wrong and should be wiped out. The other moral principle that we looked at was relative moral principles. People with these moral principles tend to look at things as if they are right in certain cases and wrong in others. People with these moral principles tend to look at botnets as sometimes good and sometimes bad.
Due to their complexity and importance to information security, two security systems, Network Intrusion Detection/Prevention Systems (NIDPS) and Security Information and Event Management systems (SIEM), will be explored in this paper. Both have multiple functionalities, including threat-detecting capabilities, and are widely considered essential tools for adequate network defense, particularly in the goal of fortifying valuable assets in the face of an advanced threat. Understanding these systems is vital for any security operation tasked with defending significant networks.
This is the information age. There are financial and corporate information, research and analysis, trends have lead the trend and military intelligence. Information classified as confidential, sensitive and critical. There are gleaning information extraction and automated tools. There are management solutions, such as content management, knowledge management and document management, information management collected for. There are different mechanisms for storing information storage. Finally, information security, there are tools and techniques. In this paper, three important types of security information we need to discuss, such as security information from hackers, during transit to ensure that information and the protection of information stored in the system can be lost or stolen. Finally, a brief about wireless security has been described here. The Internet has become the information superhighway. Evolving Internet and related technologies have allowed companies to communicate in new ways with all types of people and strategic organization. Over the years, there have been increased after the distinctive features of Internet connection. As needs change, the more powerful the service of humanity encountered, faster connections, and what can be done in the need for more flexibility. Initially, the service, such as a simple POP3-based email and Web access is the extent of an Internet connection. Today, we have a site-to-site virtual private network (VPN), clients and home users VPN, streaming media, Web-based training, wonderful Internet applications, e-commerce, and business-to-business extranet. Therefore, the development of the Internet to meet the needs of a variety of advanced human society. On the home front, fr...
Hackers and the Internet Internet Security covers a broad list of topics. I have chosen to cover hackers and their history. I will go through who hackers are and how we define hackers. I will also cover the history of how hackers got started. This was a very interesting topic and may surprise a lot of people who have had misconceptions about what hackers do due to how they are covered by the media.
In today's society, many aspects of crime are committed on a regular basis. Civilians take advantage of people all the time using online resources such as a fraudulent website requiring credit card information to get a free monthly trial. Other examples of cyber crimes are online chatting websites full of predators, or websites needing a downloadable program that contains a hacking virus. Sadly, there are many cases of cyber crime all over the internet. The acts of cyber crimes are considered violent acts like any other. Every day citizens are constantly losing money and being victimized due to these fraudulent activities. Cyber crime, including fraud, identity theft, stalking, and hacking, is a growing problem which can be prevented by taking the proper precautions.
Since the creation and development of the Internet, hackers and intelligent software developers have been able to spread viruses that cause great harm to corporations and households. The Internet has been the gateway for hackers into their journey of obstruction. For example, through the loopholes of Microsoft’s IIS services on its server operating system packages, hackers have been able to open “backdoors” into some of the most complex intranet firewall protected networks of the world. Once the access has been made available, hackers have the opportunity to manipulate data, retrieve confidential data, and destroy systems containing critical data with the help of their developed viruses. The fact of the matter is, hackers and other cyber criminals cause great amounts of financial damage to corporations and other smaller scaled victims. The ethical question to consider when dealing with virus control is: Is it unethical to take extreme measures to avoid hacker attacks, even when we are taking away people’s autonomy and obstructing their privacy?
The book is structured into four parts: Part 1 discusses the fundamentals of Internet security and privacy, Part 2 specializes in privacy while on the World Wide Web, Part 3’s topics are e-mail security and privacy, and Part 4 discusses the ways in which to secure a computer. Following the structure of the book, I will review and summarize the most important aspects of the parts and chapters in chronological order.