文章基本信息

标题：A NOVEL APPROACH FOR DETECTING SMART CAMOUFLAGING WORM
本地全文：下载
作者：JEEVAAKATIRAVAN ; D.HEMAPRIYADHARSHINI ; C.CHELLAPAN R. DHANALAKSHMI 等
期刊名称：Journal of Theoretical and Applied Information Technology
印刷版ISSN：1992-8645
电子版ISSN：1817-3195
出版年度：2013
卷号：47
期号：2
页码：514-520
出版社：Journal of Theoretical and Applied
摘要：Active Worms wreak havoc by exploiting security loopholes and flaws in software design to propagate from one machine to another. Active Worms are different than a traditional virus in that they don�t spread by modifying programs on a single system, but rather by searching for and implanting destructive code onto other systems automatically. In this paper, we propose a novel approach for detecting an intricate type of smart worms called C-Worms. Camouflaging worms (C-Worms) falls under the new category of active worms which conceals its presence by blending with the environment in such a way that it looks analogous to the normal data packet of the network. Thus the propagation of C-Worms and its traffic pattern cannot be determined by the existing worm detection schemes. To countermeasure the C- Worm, we design a new worm detection scheme called Controlled Packet Transmission (CPT) technique where the background traffic is monitored as a function of time. Furthermore, we employ Centralized Worm Detector (CWD) algorithm based on digital signature technique to authenticate each node and monitor the network. Using the CWD algorithm, malicious C-Worm nodes are discarded and the recovered network is monitored. The performance graph obtained experimentally clearly proves that our detection scheme can effectively detect the C-Worm propagation.
关键词：Active worm; Camouflaging worm; Controlled Packet Transmission; Centralized Worm Detector