Abstract
Increasing threats from worms in the internet continue to be a challenge for current content-based Network Intrusion Detection Systems (NIDS). Worms use different obfuscation techniques (You & Yim 2010) to evade detection and if the worm's signature is not previously known, such systems fail. This paper proposes the use of behavioral signatures for network intrusion detection. The different infection phases exhibited by a worm can be used to characterize its network behaviour. Such behaviour of worms can be captured in the proposed scheme by using behavioural signatures.
Full Text 
Sign-in/Register to access full text options
Sign-in/Register to access full text options 
Published version (
Free)
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
