host behaviour based early detection of worm outbreaks in internet backbones

host behaviour based early detection of worm outbreaks in internet backbones

ID:33500481

大?。?75.94 KB

頁(yè)數(shù):6頁(yè)

時(shí)間:2019-02-26

host behaviour based early detection of worm outbreaks in internet backbones_第1頁(yè)
host behaviour based early detection of worm outbreaks in internet backbones_第2頁(yè)
host behaviour based early detection of worm outbreaks in internet backbones_第3頁(yè)
host behaviour based early detection of worm outbreaks in internet backbones_第4頁(yè)
host behaviour based early detection of worm outbreaks in internet backbones_第5頁(yè)
資源描述:

《host behaviour based early detection of worm outbreaks in internet backbones》由會(huì)員上傳分享,免費(fèi)在線閱讀,更多相關(guān)內(nèi)容在教育資源-天天文庫(kù)

1、HostBehaviourBasedEarlyDetectionofWormOutbreaksinInternetBackbonesThomasD¨ubendorfer?,BernhardPlattnerComputerEngineeringandNetworksLaboratory(TIK)SwissFederalInstituteofTechnology,Zurich{duebendorfer,plattner}@tik.ee.ethz.chAbstractBasedontheobservationthathosts

2、infectedbythesamewormexecutethesamecodeforscanningandtransferringWeproposeanovelnearreal-timemethodforearlyexploitandwormcode,weassumethatduringawormdetectionofwormoutbreaksinhigh-speedInternetback-outbreakthenetworkbehaviourofmanyhostswillsud-bones.Ourmethodattr

3、ibutesseveralbehaviouralproper-denlychangeinasimilarway.Inthispaper,weproposetiestoindividualhostslikeratioofoutgoingtoincominganovelnearreal-timemethodforearlydetectionofwormtraf?c,responsivenessandnumberofconnections.Theseoutbreaksinhigh-speedInternetbackbones.

4、Byanalysingpropertiesareusedtogrouphostsintodistinctbehaviourbackbonetraf?cat?ow-level,wecanattributevariousbe-classes.Weuse?ow-level(CiscoNetFlow)informationex-haviouralpropertiestohostslikeratioofoutgoingtoin-portedbytheborderroutersofaSwissInternetbackbonecomi

5、ngtraf?c,responsivenessandnumberofconnections,provider(AS559/SWITCH).Bytrackingthecardinalityofwhichallarestronglyin?uencedbyawormoutbreak.eachclassovertimeandalarmingonfastincreasesandThesepropertiesareusedtogrouphostsintodistinctclassesothersigni?cantchanges,we

6、canearlyandreliablyde-accordingtotheircurrentbehaviour.Weshowthatbytrack-tectwormoutbreaks.Wesuccessfullyvalidatedourmethodingthecardinality?oftheseclassesforsigni?cantchangeswitharchived?ow-leveltracesofrecentmajorInternete-overtime,wormoutbreakeventscanreliably

7、bedetectedmailbasedwormssuchasMyDoom.AandSobig.F,andandasetofpotentiallyinfectedhostscanbeidenti?ed.fastspreadingnetworkwormslikeWittyandBlaster.OurTheoutlineofthispaperisasfollows:AfterasurveyofmethodisgenericinthesensethatitdoesnotrequireanyrelatedworkinSection

8、2andNetFlowtracesinSection3,previousknowledgeabouttheexploitsandscanningmethodwepresentinSection4ourhostbehaviourbasedwormde-usedbytheworms.Itcangiveasetofsusp

當(dāng)前文檔最多預(yù)覽五頁(yè),下載文檔查看全文

此文檔下載收益歸作者所有

當(dāng)前文檔最多預(yù)覽五頁(yè),下載文檔查看全文
溫馨提示:
1. 部分包含數(shù)學(xué)公式或PPT動(dòng)畫(huà)的文件,查看預(yù)覽時(shí)可能會(huì)顯示錯(cuò)亂或異常,文件下載后無(wú)此問(wèn)題,請(qǐng)放心下載。
2. 本文檔由用戶上傳,版權(quán)歸屬用戶,天天文庫(kù)負(fù)責(zé)整理代發(fā)布。如果您對(duì)本文檔版權(quán)有爭(zhēng)議請(qǐng)及時(shí)聯(lián)系客服。
3. 下載前請(qǐng)仔細(xì)閱讀文檔內(nèi)容,確認(rèn)文檔內(nèi)容符合您的需求后進(jìn)行下載,若出現(xiàn)內(nèi)容與標(biāo)題不符可向本站投訴處理。
4. 下載文檔時(shí)可能由于網(wǎng)絡(luò)波動(dòng)等原因無(wú)法下載或下載錯(cuò)誤,付費(fèi)完成后未能成功下載的用戶請(qǐng)聯(lián)系客服處理。