Normal traffic can provide worms with a very good source of information to camouflage themselves. In this paper, we explore the concept of polymorphic worms that mutate based on normal traffic. We assume that a worm has already penetrated a system and is trying to hide its presence and propagation attempts from an IDS. We focus on stealthy worms that cannot be reliably detected by increases in traffic because of their low propagation factor. We first give an example of a simple polymorphic worm. Such worms can evade a signature-based IDS but not necessarily an anomaly-based IDS. We then show that it is feasible for an advanced polymorphic worm to gather a normal traffic profile and use it to evade an anomaly-based IDS. We tested the a...
It is widely believed that content-signature-based intrusion detection systems (IDSes) are easily e...
Abstract: This paper surveys the Internet worms-related literature and how stealthy worm behaviour c...
Abstract — In this paper, we address issues related to the modeling, analysis, and countermeasures o...
Internet worms pose a major threat to Internet infrastructure security, and their destruction is tru...
Zero-day polymorphic worms pose a serious threat to the security of Mobile systems and Internet infr...
A very effective means to evade signature-based intrusion detection systems (IDS) is to employ polym...
Most current anti-worm systems and intrusion-detection systems use signature-based technology instea...
Metamorphic malware changes its internal structure across generations, but its functionality remains...
Modern worms can spread so quickly that any countermeasure based on human reaction might not be fas...
It is widely believed that content-signature-based intrusion detection systems (IDSes) are easily ev...
It is widely believed that content-signature-based intrusion detection systems (IDS) are easily evad...
This paper examines the general behaviour of stealthy worms. In particular, we focus on worms that a...
Abstract — Polymorphic worms are a major threat to internet infrastructure security. In this mechani...
Able to propagate quickly and change their payload with each infection, polymorphic worms have been ...