Abstract: We present a worm detection system that leverages the reliability of IP-Flow and the effectiveness of learning machines. Typically, a host infected by a scanning or an email worm initiates a significant amount of traffic that does not rely on DNS to translate names into numeric IP addresses. Based on this fact, we capture and classify NetFlow records to extract feature patterns for each PC on the network within a certain period of time. A feature pattern includes the number of DNS requests, the number of DNS responses, the number of DNS normals, and the number of DNS anomalies. Two learning machines, K-Nearest Neighbors (KNN) and Naive Bayes (NB), are used for classification. Solid statistical tests, the cross-validation and paired t-test, are co...
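An added example (not code from the paper) of the per-host feature pattern described in the abstract, followed by a KNN vote over it; the Naive Bayes classifier is not shown. The page does not define how a flow is counted as a DNS normal or a DNS anomaly, so the rule used here (an outbound flow is normal if the host received a DNS response within the previous `WINDOW` seconds), the record layout, the addresses and the training patterns are all constructed assumptions.

```python
import math
from collections import Counter, defaultdict

DNS_PORT = 53
WINDOW = 5.0  # assumption: seconds for which a DNS response "covers" later flows

def host_features(flows, local_hosts):
    """Return {host: [dns_requests, dns_responses, dns_normals, dns_anomalies]}."""
    feats = defaultdict(lambda: [0, 0, 0, 0])
    last_resp = {}  # host -> time of its most recent DNS response
    for ts, src, dst, sport, dport in sorted(flows):
        if src in local_hosts and dport == DNS_PORT:
            feats[src][0] += 1                      # DNS request
        elif dst in local_hosts and sport == DNS_PORT:
            feats[dst][1] += 1                      # DNS response
            last_resp[dst] = ts
        elif src in local_hosts:
            covered = ts - last_resp.get(src, -math.inf) <= WINDOW
            feats[src][2 if covered else 3] += 1    # normal vs. anomaly
    return dict(feats)

def knn_predict(train, x, k=3):
    """Majority label among the k training patterns closest to x (Euclidean)."""
    nearest = sorted(train, key=lambda item: math.dist(item[0], x))[:k]
    return Counter(label for _, label in nearest).most_common(1)[0][0]

# Constructed training patterns: ([requests, responses, normals, anomalies], label)
TRAIN = [
    ([5, 5, 6, 0], "clean"), ([3, 3, 3, 1], "clean"), ([8, 8, 10, 1], "clean"),
    ([1, 1, 0, 25], "worm"), ([0, 0, 0, 40], "worm"), ([2, 2, 1, 18], "worm"),
]

def sample_flows():
    """Constructed records: (time_s, src_ip, dst_ip, src_port, dst_port)."""
    flows = []
    for i in range(4):  # 10.0.0.5 resolves a name before each connection
        t = i * 10.0
        flows += [(t, "10.0.0.5", "10.0.0.1", 40000 + i, DNS_PORT),
                  (t + 0.1, "10.0.0.1", "10.0.0.5", DNS_PORT, 40000 + i),
                  (t + 0.2, "10.0.0.5", f"198.51.100.{i + 1}", 50000 + i, 443)]
    flows += [(0.0, "10.0.0.9", "10.0.0.1", 41000, DNS_PORT),
              (0.1, "10.0.0.1", "10.0.0.9", DNS_PORT, 41000)]
    # 10.0.0.9 then opens 30 connections to numeric addresses with no lookups
    flows += [(20.0 + i, "10.0.0.9", f"203.0.113.{i + 1}", 51000 + i, 25) for i in range(30)]
    return flows

if __name__ == "__main__":
    feats = host_features(sample_flows(), {"10.0.0.5", "10.0.0.9"})
    for host, pattern in sorted(feats.items()):
        print(host, pattern, knn_predict(TRAIN, pattern))
```
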
The research project aims to find ways to detect malicious packets inside encrypted network traffic....
The scope of this research is computer worm detection. A computer worm has been defined as a process t...
Email worms remain a major network security concern, as they increasingly attack systems with intens...
The high prevalence of email worms indicates that current in-network defence mechanisms are incapabl...
Network intrusion detection systems typically detect worms by examining packet or flow logs...
The conference aimed at supporting and stimulating active productive research set to strengthen the ...
Abstract: Problem statement: A worm is a malicious piece of code that self-propagates, often via net...
Active worms have been a major security threat to the Internet. This is due to the ability of active wo...
Network intrusion detection systems typically detect worms by examining packet or flow logs for know...
Worms are arguably the most serious security threat facing the Internet. Seeking a detection techniq...
Machine learning techniques are widely used in many fields. One of the applications of machine learn...
The Internet has become the main network for commerce, recreation and communication and thi...
In this research we compare different methods to examine network packets using supervised learning t...