Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Malware Defense Using Network Security Authentication
IWIA '05 Proceedings of the Third IEEE International Workshop on Information Assurance
Malware detection system by payload analysis of network traffic (poster abstract)
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
We suggest an efficient framework for detecting malware in an Intrusion Detection System (IDS). The framework generates signatures from malware families and generates corresponding detection rules. The generated signatures are not affected by small changes to the malware, yet they can be used to detect malware whose behavior is similar to that of normal programs. Our signatures are stored in Aho-Corasick tree form to improve signature-matching performance in the IDS.