Proposal for the visualizing and quantitative method of searching characteristics of node (Japanisch)

Information Processing Society of Japan, Joho Shori
; 2007
  • Neue Suche nach:

In the last few years, the trend in security threats has been shifting to botnets or phishing, and large-scale incidents caused by network worms are on decrease. However, worm infection is continuously taking place and we should not dismiss the threats still out there. Information about the network worms, such as how they exploit vulnerabilities, infection symptoms, how to remove them, is widely published, but "worm propagation characteristics" - how they behave on the networks to cause infection - are hardly provided. Among other characteristics, the way a worm looks for potential targets is especially beneficial in estimating the infection rate and range. It would also help network managers in implementing countermeasures to protect their network and the Internet itself, but the information needed is not sufficiently available. On the technical side, quantifying the characteristics is a key task to make a comparison with the past worms or develop a detection technique using the target-searching characteristics. In this paper, we present a method to visualize periodic patterns the worms exhibit when looking for the targets, and the range and randomness of IP addresses they target. Furthermore, we show the effectiveness of our approach through worm categorization and comparison based on the quantified target-searching characteristics of the worms.

Wie erhalte ich diesen Titel?

Dokumentinformationen


Inhaltsverzeichnis – Band 48, Ausgabe 9

Zeige alle Jahrgänge und Ausgaben

Die Inhaltsverzeichnisse werden automatisch erzeugt und basieren auf den im Index des TIB-Portals verfügbaren Nachweisen der enthaltenen Aufsätze. Die Anzeige der Jahrgänge kann aufgrund fehlender Aufsatznachweise unvollständig oder lückenhaft sein, obwohl die Zeitschrift komplett in der TIB verfügbar ist.

2894
A requirements analysis method of unexpected obstacles in embedded software by applying information flow diagram
Shinyashiki, Y. / Mise, T. / Hashimoto, M. / Katamine, K. / Ubayashi, N. / Nakatani, T. | 2007
2966
The security of RC6 against asymmetric Chi-square test attack
Hinoue, T. / Mijaji, A. / Wada, T. | 2007
3014
Methods of standard MIDI file steganography resistant against attacks using characteristics of editing software
Toyama, T. / Suzuki, M. / Shikata, J. / Matsumoto, T. | 2007
3027
Key generation from multiple biometric features using statistical A/D conversion with error correction
Shibata, Y. / Miyaki, T. / Mizuno, T. / Nishigaki, M. | 2007
3039
A user authentication using blind spot and papillary light reflex
Nishigaki, M. / Ozawa, Y. | 2007
3073
Universally composable client-to-client general authenticated key exchange
Ota, H. / Yoneyama, K. / Kiyomoto, S. / Tanaka, T. / Ohta, K. | 2007
3099
Load-balancing SSL cluster by using session migration
Hatsugai, R. / Saito, T. | 2007
3110
Development of time-stamp validation server supporting time reliability verification
Tanigawa, Y. / Tezuka, S. / Oguro, H. / Hashikawa, Y. | 2007
3163
Proposal for the visualizing and quantitative method of searching characteristics of node
Nakakoji, H. / Terada, M. / Susaki, S. | 2007
3174
An unknown-worm detection based on capturing self-initiated READ behavior
Matsumoto, T. / Suzuki, K. / Takami, T. / Baba, T. / Maeda, S. / Mizuno, T. / Nishigaki, M. | 2007
3281
Improvement in understandability of the software clustering results by component rank model
Nakatsuka, G. / Matsushita, M. / Inoue, K. | 2007

Ähnliche Titel