Learning-based algorithm for detecting abnormal traffic
ISPA'06 Proceedings of the 2006 international conference on Frontiers of High Performance Computing and Networking
Model and estimation of worm propagation under network partition
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
Using genetic algorithm for network status learning and worm virus detection scheme
IDEAL'06 Proceedings of the 7th international conference on Intelligent Data Engineering and Automated Learning
Hi-index | 0.00 |
In this paper, we proposed a behavior-based intrusion detection and response system for the Internet worm named Lambent Anti-Worm System (LAWS). The LAWS can detect the intruded services and influenced range automatically. Besides, It also can analyze the key information of the intrusion. We can keep from the worm distribution and intrusion in advanced according to the information. In addition to detect and prevent from the distribution of well-known malicious worm, the LAWS can also defense the future, unknown, or new malicious worms. Mobile agents will help the LAWS to form a defense system for other LAWS's user over the Internet. The contribution of our system is to decrease the response time of attack and reduce the damaged range. At the same time, it also diminishes the damage and decreases the fixed cost.