Design and analysis of a multipacket signature detection system
International Journal of Security and Networks
A hardware platform for efficient worm outbreak detection
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Distributed instrusion prevention in active and extensible networks
IWAN'04 Proceedings of the 6th IFIP TC6 international working conference on Active networks
A behavioral analysis engine for network traffic
CCNC'10 Proceedings of the 7th IEEE conference on Consumer communications and networking conference
A patient-adaptive profiling scheme for ECG beat classification
IEEE Transactions on Information Technology in Biomedicine
An automatic and generic early-bird system for internet backbone based on traffic anomaly detection
ICN'05 Proceedings of the 4th international conference on Networking - Volume Part I
Recent well-publicized attacks have made it clear that worms constitute a threat to Internet security. Systems that secure networks against malicious code are expected to be a part of the critical Internet infrastructure in the future. Intrusion detection and prevention systems (IDPS) currently have limited use because they can filter only known worms. We present the design and implementation of a system that automatically detects new worms in real time by monitoring traffic on a network. The system uses field-programmable gate arrays (FPGAs) to scan packets for patterns of similar content. When a new worm hits the network and its rate of infection is high, the system automatically detects the outbreak. Frequently occurring strings in packet payloads are instantly reported as likely worm signatures.
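The idea in the abstract, reporting strings that recur across many packet payloads within a short time, can be sketched in software as follows. This is an added example, not the paper's FPGA design: the window length, threshold, counting interval, exact (unhashed) counting and the merging of overlapping windows are all assumptions made for illustration, and the traffic is constructed.

```python
from collections import Counter

# Assumed parameters for illustration; the page gives no values.
WINDOW, THRESHOLD, INTERVAL = 8, 3, 10.0  # bytes, packets per interval, seconds

def merge(frequent):
    """Join frequent windows that overlap by all but one byte into longer strings."""
    by_prefix = {}
    for w in sorted(frequent):
        by_prefix.setdefault(w[:-1], w)
    suffixes = {w[1:] for w in frequent}
    heads = [w for w in sorted(frequent) if w[:-1] not in suffixes]
    used, out = set(), []
    for w in heads + sorted(frequent):  # second pass picks up cycles such as b"AAAA..."
        if w in used:
            continue
        sig, nxt = w, by_prefix.get(w[1:])
        used.add(w)
        while nxt is not None and nxt not in used:
            sig += nxt[-1:]
            used.add(nxt)
            nxt = by_prefix.get(nxt[1:])
        out.append(sig)
    return out

def detect(packets, window=WINDOW, threshold=THRESHOLD, interval=INTERVAL):
    """(timestamp, payload) pairs in time order -> [(interval_start, signature)]."""
    alerts, counts, start = [], Counter(), None
    def flush():
        frequent = [w for w, n in counts.items() if n >= threshold]
        alerts.extend((start, sig) for sig in merge(frequent))
    for ts, payload in packets:
        if start is None or ts - start >= interval:
            flush()  # report, then clear counters so slow repeats never accumulate
            counts, start = Counter(), ts
        # A set gives each packet one vote per substring.
        counts.update({payload[i:i + window] for i in range(len(payload) - window + 1)})
    flush()
    return alerts

# Constructed sample traffic; MARKER is a made-up byte string, not a real signature.
MARKER = b"XXWORMBODYXX"
SAMPLE = [
    (0.0, b"User-Agent: demo-client"),
    (1.0, b"hdrA" + MARKER + b"tail-one"),
    (2.0, b"zz" + MARKER + b"other"),
    (3.0, b"padpad" + MARKER + b"!"),
    (12.0, b"User-Agent: demo-client"),  # same benign string, but spread over time
    (25.0, b"User-Agent: demo-client"),
]
```

Running `detect(SAMPLE)` reports the shared marker once for the interval starting at 0.0, while the benign string that repeats slowly across intervals is never reported. Exact counting uses unbounded memory, so a line-rate implementation would need a bounded structure instead.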