Abstract
Malicious software has become a big threat to information systems, which are widely used to store, transfer and process information for many critical assets. Worms are one of the most harmful network-enabled malicious software that can threaten networks and applications. Two main characteristics of worms distinguish them from the well-known virus programs and as a result are much more dangerous than the virus programs. First, they do not need to attach themselves to an existing program. Second, worms do not require end-user interaction to realize the intended attack. Therefore, a large number of victims can be infected in a short time. Polymorphic worms are a special subset of worm family which are more difficult to detect. Polymorphism is the key that facilitates creating different looking polymorphic worm copies while keeping the original worm code intact. Each variant for a polymorphic worm has a different pattern that it is not effective to use simple signature matching techniques. In this work, Strong Token-Pair(STP) signature scheme has been proposed to detect polymorphic worms. Experimental results support that STP signatures can be used with low false negative and false positive rates.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Turkish Journal of Electrical Engineering and Computer Sciences
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
