The system modeling for detections of new malicious codes

Authors:
EunYoung Kim;CheolHo Lee;HyungGeun Oh;JinSeok Lee
Affiliations:
National Security Research Institute, Daejeon, Republic of Korea;National Security Research Institute, Daejeon, Republic of Korea;National Security Research Institute, Daejeon, Republic of Korea;National Security Research Institute, Daejeon, Republic of Korea
Venue:
PARA'04 Proceedings of the 7th international conference on Applied Parallel Computing: state of the Art in Scientific Computing
Year:
2004

Citing 2
Cited 0

Data mining aided signature discovery in network-based intrusion detection system

ACM SIGOPS Operating Systems Review
Snort - Lightweight Intrusion Detection for Networks

LISA '99 Proceedings of the 13th USENIX conference on System administration

Quantified Score

Hi-index	0.00

Visualization

Abstract

During the last several years, Malicious code have become increasingly more sophisticated. At the same time, the Internet's growing popularity and the steady adoption of broadband technologies have allowed malicious codes to spread quickly. However, traditional anti-malicious codes detections's method is pattern matching. Pattern matching's method just can detect within the narrow limits of known malicious codes. That is, in the past, pattern matching method was able to ship new pattern for most malicious codes before they could achieve widespread distribution. If malicious code software vendors could not provide new pattern, nobody can not detect new malicious code. Accordingly, users were hacked by somebody hacker. In this article, we suggest the new malicious code detection algorithm and the system modelings without malicious pattern DB.