How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
On instant messaging worms, analysis and countermeasures
Proceedings of the 2005 ACM workshop on Rapid malcode
Understanding Instant Messaging Traffic Characteristics
ICDCS '07 Proceedings of the 27th International Conference on Distributed Computing Systems
A protocol for secure public instant messaging
FC'06 Proceedings of the 10th international conference on Financial Cryptography and Data Security
SMS-Watchdog: Profiling Social Behaviors of SMS Users for Anomaly Detection
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Automatically generating models for botnet detection
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Malware propagation in online social networks: nature, dynamics, and defense implications
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Secure instant messaging in enterprise-like networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Anomaly-Based intrusion detection algorithms for wireless networks
WWIC'10 Proceedings of the 8th international conference on Wired/Wireless Internet Communications
| Hi-index | 0.01 |
Instant messaging (IM) systems have gained a lot of popularity in recent years. The increasing number of IM users has lured malware authors to develop more worms and viruses that spread in IM networks. In response to such growing security threat to IM systems, it is imperative to develop a fast and responsive IM worm detection system. In this paper, we apply change-point detection techniques to catch two families of IM worms, one aimed at infecting all vulnerable machines as quickly as possible and the other aimed at spreading slowly in a stealthy fashion to evade detection. Experimental results demonstrate that the proposed solutions are very effective in detecting both families of IM worms.