Homology analysis method of worms based on attack and propagation features

Liyan Wang, Jingfeng Xue, Yan Cui, Yong Wang, Chun Shan*

*此作品的通讯作者

科研成果: 书/报告/会议事项章节会议稿件同行评审

1 引用 (Scopus)

摘要

Internet worms pose a serious threat to the Internet security. In order to avoid the security detection and adapt to diverse target environment, the attackers often modify the existing worm code, then get the variants of original worm. Therefore, it is of practical significance to determine the cognate relationship between worms quickly and accurately. By extracting the semantic structure, attack behavior and propagation behavior of the worm, the worm feature set is generated, and the worm sensitive behavior library is built with the idea of association analysis. On this basis, combined with random forest and sensitive behavior matching algorithm, the homology relationship between worms was determined. The experimental results show that the method proposed can fully guarantee the time performance of the algorithm, what’s more further improve the accuracy of the results of the homology analysis of worms.

源语言英语
主期刊名Trusted Computing and Information Security - 11th Chinese Conference, CTCIS 2017, Proceedings
编辑Fei Yan, Ming Xu, Shaojing Fu, Zheng Qin
出版商Springer Verlag
1-15
页数15
ISBN(印刷版)9789811070792
DOI
出版状态已出版 - 2017
活动11th Chinese Conference on Trusted Computing and Information Security, CTCIS 2017 - Changsha, 中国
期限: 14 9月 201717 9月 2017

出版系列

姓名Communications in Computer and Information Science
704
ISSN(印刷版)1865-0929

会议

会议11th Chinese Conference on Trusted Computing and Information Security, CTCIS 2017
国家/地区中国
Changsha
时期14/09/1717/09/17

指纹

探究 'Homology analysis method of worms based on attack and propagation features' 的科研主题。它们共同构成独一无二的指纹。

引用此