A Worm Behavioral Approach to Susceptible Host Detection

Wang, BaiLing; Fang, BinXing; Yun, XiaoChun

doi:10.1007/11590354_9

BaiLing Wang¹⁸,
BinXing Fang¹⁸ &
XiaoChun Yun¹⁸

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 3795))

Included in the following conference series:

International Conference on Grid and Cooperative Computing

402 Accesses

Abstract

A new detection approach based on worm behaviors for IDS anti-worm is presented. By the method, the susceptible hosts probed by worms can be detected, and then an immediate counter-attack to the susceptible host can be proposed. As a case study, a simulation on the IDS-based anti-worm counter-attacking the malicious worm is given, which shows the new containment is much more effective and bring less traffic to network than the traditional one. It can be used as a reference for Grid security infrastructure.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Behavioral Detection of Scanning Worm in Cyber Defense

Containment of Fast Scanning Computer Network Worms

NADTW: new approach for detecting TCP worm

Article 02 June 2016

References

Chen, T.M.: Trends in Viruses and Worms. The Internet Protocol Journal 6(3), 23–33 (2003)
Google Scholar
Levy, E.: Approaching Zero. IEEE Security & Privacy Magazine 2(4), 65–66 (2004)
Article Google Scholar
Hwang, K., Kwok, Y.K., Song, S.S.: GridSec: Trusted Grid Computing with Security Binding and Self-defense Against Network Worms and DDoS Attacks. In: International Workshop on Grid Computing Security and Resource Management, GSRM 2005 (2005)
Google Scholar
Yu, W.: Analyze the Worm-based Attack in Large Scale P2P Networks. In: Proceedings of the Eighth IEEE International Symposium on High Assurance Systems Engineering, HASE 2004 (2004)
Google Scholar
Zhuge, H., Shi, X.: Fighting Epistemology in Knowledge and Information Age. IEEE Computer 36(10), 114–116 (2003)
Google Scholar
Castaneda, F., et al.: WORM vs. WORM: Preliminary Study of an Active Counter-Attack Mechanism. In: Proceedings of ACM Workshop on Rapid Malcode, WORM 2004 (October 2004)
Google Scholar
Mullen, T.: Defending your right to defend: Considerations of an automated strike-back technology (October 2002), http://www.hammerofgod.com/strikeback.txt
Provos, N.: A virtual honeypot framework. CITI Technical Report 03-1 (October 2003)
Google Scholar
http://www.snort.org/

Download references

Author information

Authors and Affiliations

Research Center of Computer Network and Information Security Technology, Harbin Institute of Technology, Harbin, 150001, China
BaiLing Wang, BinXing Fang & XiaoChun Yun

Authors

BaiLing Wang
View author publications
You can also search for this author in PubMed Google Scholar
BinXing Fang
View author publications
You can also search for this author in PubMed Google Scholar
XiaoChun Yun
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

China Knowledge Grid Research Group, Key Lab of Intelligent Information Processing, Institute of Computing Technology, Chinese Academy of Sciences, 100080, Beijing, China
Hai Zhuge
Community Grids Lab, Indiana University Bloomington,
Geoffrey C. Fox

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Wang, B., Fang, B., Yun, X. (2005). A Worm Behavioral Approach to Susceptible Host Detection. In: Zhuge, H., Fox, G.C. (eds) Grid and Cooperative Computing - GCC 2005. GCC 2005. Lecture Notes in Computer Science, vol 3795. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11590354_9

Download citation

DOI: https://doi.org/10.1007/11590354_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30510-1
Online ISBN: 978-3-540-32277-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics