Abstract
Fast spreading network worms have become one of the most service-impacting threats in enterprise and ISP networks. We identify core requirements for effective detection and containment of such worms and propose a technique that uses a combination of distributed anomaly-based host intrusion detection and statistical analysis of network heuristics to detect malicious worm activity. Our proposal employs an automated collaborative network-centric worm containment approach. We experiment on a live test-bed with fast spreading worms and evaluate the effectiveness ofour method in detecting and containing such worms. We also evaluate the system's performance when malicious worm traffic blends with benign network scanning traffic.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
