A Safeguard Against Fast Self-propagating Malware
| Title | A Safeguard Against Fast Self-propagating Malware |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Ahmad, Muhammad Aminu, Woodhead, Steve, Gan, Diane |
| Conference Name | Proceedings of the 6th International Conference on Communication and Network Security |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-4783-9 |
| Keywords | Cyber defence, False Data Detection, Human Behavior, Malware, malware classification, Metrics, network worm, privacy, pubcrawl, Resiliency, worm containment |
| Abstract | This paper presents a detection and containment mechanism for fast self-propagating network worm malware. The detection part of the mechanism uses two categories of network host activities to identify worm behaviour in a network. Upon an identified worm activity in a network, a data-link containment system is used to isolate the internal source of infection, and a network level containment system is used to block inbound worm datagrams. The mechanism has been demonstrated using a software prototype. A number of worm experiments have been conducted to evaluate the prototype. The empirical results show the effectiveness of the developed mechanism in containing fast network worm malware at an early stage with almost no false positives. |
| URL | http://doi.acm.org/10.1145/3017971.3017974 |
| DOI | 10.1145/3017971.3017974 |
| Citation Key | ahmad_safeguard_2016 |