Abstract

At present there are some worm detection systems, primarily for a single LAN or with hardware router environment, which main use worm propagation characteristics for detection and has high false alarm rate, but it is not applicable for large-scale network for detecting. This paper presents a distributed worm detection technology, which is divided into two parts, client end and the console end program. The system uses the rule-based detection methods to monitor network worms, and the console side manages and coordinates the multiple side work of detecting. Experimental results show that the method can be good applicable for worms conduct surveillance based on a single or multiple local area network and is used for worm alarming, the method has high detection rate and low false alarm rate.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call