The analysis of worm non-linear propagation model and the design of worm distributed detection technology
At present there are some worm intrusion detection systems, primarily for a single LAN or with hardware router environment, which are not applicable for large-scale network detection or have high false alarm rate by using only worm propagation characteristics for detection. This paper analyzed worm non-linear propagation models and drew out the worm transmission curves. Then a distributed worm detection technology is designed. The novel distributed worm detection system consists of two parts, client end and console end programs. The system uses rule-based detection method to monitor network worms, and the console side manages and coordinates detection work of the client sides. Experimental results show that the technology is a good solution to worm detection in multiple network environments which can give an alarm with high detection rate and low false alarm rate when the known worm appears.
IDS Worm worm non-linear propagation model distributed worm detection
Tong Xiaojun Zhao Zhangquan Shuai Huimin Wang Zhu
School of Computer Science and Technology Harbin Institute of Technology Weihai China School of Information Harbin Institute of Technology Weihai China
国际会议
电子商务、工程及科学领域的分布计算和应用国际会议(DCABES 2010)
香港
英文
219-223
2010-08-10(万方平台首次上网日期,不代表论文的发表时间)