A new user-habit based approach for early warning of worms

Authors:
Ping Wang;Binxing Fang;Xiaochun Yun
Affiliations:
Dept. of Computer Science and Technology, Harbin Institute of Technology, Harbin, Heilongjiang, China;Dept. of Computer Science and Technology, Harbin Institute of Technology, Harbin, Heilongjiang, China;Dept. of Computer Science and Technology, Harbin Institute of Technology, Harbin, Heilongjiang, China
Venue:
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
Year:
2005

Citing 4
Cited 0

Code-Red: a case study on the spread and victims of an internet worm

Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Inside the Slammer Worm

IEEE Security and Privacy
Monitoring and early warning for internet worms

Proceedings of the 10th ACM conference on Computer and communications security
A Dynamic Honeypot Design for Intrusion Detection

ICPS '04 Proceedings of the The IEEE/ACS International Conference on Pervasive Services

Quantified Score

Hi-index	0.00

Visualization

Abstract

In the long term usage of the network, users will form certain types of habit according to their specific characteristics, individual hobbies and given restrictions. On the burst-out of worms, the overwhelming flow caused by random scanning will temporarily alter the behavior representation of users. Therefore, it is reasonable to conclude that the statistics and classification of the user habit can contribute to the detection of worms. On the basis of analysis about both users and worms, we construct the model of user-habit and propose a new approach for the early warning of worms. This paper possesses strong direction significance due to its broad applicability since extended models can be derived from the model proposed in this paper.