FDF: Frequency detection-based filtering of scanning worms
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, Byungseung | - |
dc.contributor.author | Kim, Hyogon | - |
dc.contributor.author | Bahk, Solewoong | - |
dc.date.accessioned | 2021-09-08T18:48:43Z | - |
dc.date.available | 2021-09-08T18:48:43Z | - |
dc.date.created | 2021-06-10 | - |
dc.date.issued | 2009-03-27 | - |
dc.identifier.issn | 0140-3664 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/120402 | - |
dc.description.abstract | In this paper, we propose a simple algorithm for detecting scanning worms with high detection rate and low false positive rate. The novelty of our algorithm is inspecting the frequency characteristic of scanning worms instead of counting the number of suspicious connections or packets from a monitored network. Its low complexity allows it to be used on any network-based intrusion detection system as a real-time detection module for high-speed networks. Our algorithm need not be adjusted to network status because its parameters depend on application types, which are generally and widely used in any networks such as web and P2P services. By using real traces, we evaluate the performance of our algorithm and compare it with that of SNORT. The results confirm that Our algorithm Outperforms SNORT with respect to detection rate and false positive rate. (C) 2008 Elsevier B.V. All rights reserved. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | ELSEVIER SCIENCE BV | - |
dc.title | FDF: Frequency detection-based filtering of scanning worms | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Kim, Hyogon | - |
dc.identifier.doi | 10.1016/j.comcom.2008.12.010 | - |
dc.identifier.scopusid | 2-s2.0-61349143044 | - |
dc.identifier.wosid | 000264910700008 | - |
dc.identifier.bibliographicCitation | COMPUTER COMMUNICATIONS, v.32, no.5, pp.847 - 857 | - |
dc.relation.isPartOf | COMPUTER COMMUNICATIONS | - |
dc.citation.title | COMPUTER COMMUNICATIONS | - |
dc.citation.volume | 32 | - |
dc.citation.number | 5 | - |
dc.citation.startPage | 847 | - |
dc.citation.endPage | 857 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Engineering | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Engineering, Electrical & Electronic | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordAuthor | Scanning worm | - |
dc.subject.keywordAuthor | Frequency characteristic | - |
dc.subject.keywordAuthor | Autocorrelation | - |
dc.subject.keywordAuthor | Intrusion detection system | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
(02841) 서울특별시 성북구 안암로 14502-3290-1114
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.