TY - GEN
T1 - d-ACTM
T2 - 27th IEEE International Performance Computing and Communications Conference, IPCCC 07
AU - Kawaguchi, Nobutaka
AU - Shigeno, Hiroshi
AU - Okada, Ken Ichi
PY - 2007/11/27
Y1 - 2007/11/27
N2 - This paper proposes a distributed network based worm detection method, d-ACTM, to detect a kind of hit-list worm named Silent worm. The worm propagation behavior in the network is expressed as a tree-like structure composed of the infected hosts and the infection connections. d-ACTM detects the existence of worms by detecting the tree structures composed of anomaly connections in a distributed manner. The sim,ulation result shows that d-ACTM can detect Silent worms before 7% of all vulnerable hosts are infected under the condition where the infection interval is equals to the normal connection interval.
AB - This paper proposes a distributed network based worm detection method, d-ACTM, to detect a kind of hit-list worm named Silent worm. The worm propagation behavior in the network is expressed as a tree-like structure composed of the infected hosts and the infection connections. d-ACTM detects the existence of worms by detecting the tree structures composed of anomaly connections in a distributed manner. The sim,ulation result shows that d-ACTM can detect Silent worms before 7% of all vulnerable hosts are infected under the condition where the infection interval is equals to the normal connection interval.
UR - http://www.scopus.com/inward/record.url?scp=36349025769&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=36349025769&partnerID=8YFLogxK
U2 - 10.1109/PCCC.2007.358934
DO - 10.1109/PCCC.2007.358934
M3 - Conference contribution
AN - SCOPUS:36349025769
SN - 1424411386
SN - 9781424411382
T3 - Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference
SP - 510
EP - 517
BT - 27th IEEE International Performance Computing and Communications Conference, IPCCC 07
Y2 - 11 April 2007 through 13 April 2007
ER -