A distributed detection of hit-list worms

Nobutaka Kawaguchi, Hiroshi Shigeno, Kenichi Okada

研究成果: Conference contribution

1 被引用数 (Scopus)

抄録

In this paper, we propose d-ACTM/VT, a network based worm detection method that effectively detects hit-list worms. To detect a kind of hit-list worms named Silent worms in a distributed manner, d-ACTM was proposed. d-ACTM detects the existence of worms by detecting tree structures composed of infection connections as edges. Some undetected infection connections, however, can divide the tree structures into small trees and degrade the detection performance. d-ACTM/VT addresses this problem by aggregating the divided trees as a tree named Virtual AC tree in a distributed manner and utilizes it for detection. Simulation result shows d-ACTM/VT reduces the number of infected hosts by 20% compared to d-ACTM.

本文言語English
ホスト出版物のタイトルICC 2008 - IEEE International Conference on Communications, Proceedings
ページ1566-1572
ページ数7
DOI
出版ステータスPublished - 2008 9 12
イベントIEEE International Conference on Communications, ICC 2008 - Beijing, China
継続期間: 2008 5 192008 5 23

出版物シリーズ

名前IEEE International Conference on Communications
ISSN(印刷版)0536-1486

Other

OtherIEEE International Conference on Communications, ICC 2008
CountryChina
CityBeijing
Period08/5/1908/5/23

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Electrical and Electronic Engineering

引用スタイル