An approach for classifying internet worms based on temporal behaviors and packet flows

Min-Soo Lee, Taeshik Shon, Kyuhyung Cho, Manhyun Chung, Jungtaek Seo, Jongsub Moon

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

With the growth of critical worm threats, many researchers have studied worm-related topics and internet anomalies. The researches are mainly concentrated on worm propagation and detection more than the fundamental characteristics of worms. It is very important to know worms' characteristics because the characteristics provide basic resource for worm prevention. Unfortunately, this kind of research cases are very few until now. Moreover the existing researches only focus on understanding the function structure of the worm propagation or the taxonomy of the worm according to a sequence of worm attacks. Thus, in this paper, we try to confirm the formalized pattern of the worm action from the existing researches and analyze the report of the anti-virus companies. Finally, we define the formalized actions based on temporal behaviors and worm packet flows, and we apply our proposed method for the new worm classification.

Original languageEnglish
Title of host publicationAdvanced Intelligent Computing Theories and Applications
Subtitle of host publicationWith Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings
Pages646-655
Number of pages10
Volume4681 LNCS
Publication statusPublished - 2007 Dec 1
Event3rd International Conference on Intelligent Computing, ICIC 2007 - Qingdao, China
Duration: 2007 Aug 212007 Aug 24

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4681 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other3rd International Conference on Intelligent Computing, ICIC 2007
CountryChina
CityQingdao
Period07/8/2107/8/24

Fingerprint

Worm
Internet
Taxonomies
Viruses
Propagation
Industry
Structure-function
Taxonomy
Virus
Anomaly
Attack

Keywords

  • Taxonomy of worm
  • Temporal behavior
  • Ubiquitous security
  • Worm packet flows

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Lee, M-S., Shon, T., Cho, K., Chung, M., Seo, J., & Moon, J. (2007). An approach for classifying internet worms based on temporal behaviors and packet flows. In Advanced Intelligent Computing Theories and Applications: With Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings (Vol. 4681 LNCS, pp. 646-655). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4681 LNCS).

An approach for classifying internet worms based on temporal behaviors and packet flows. / Lee, Min-Soo; Shon, Taeshik; Cho, Kyuhyung; Chung, Manhyun; Seo, Jungtaek; Moon, Jongsub.

Advanced Intelligent Computing Theories and Applications: With Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings. Vol. 4681 LNCS 2007. p. 646-655 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4681 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Lee, M-S, Shon, T, Cho, K, Chung, M, Seo, J & Moon, J 2007, An approach for classifying internet worms based on temporal behaviors and packet flows. in Advanced Intelligent Computing Theories and Applications: With Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings. vol. 4681 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4681 LNCS, pp. 646-655, 3rd International Conference on Intelligent Computing, ICIC 2007, Qingdao, China, 07/8/21.
Lee M-S, Shon T, Cho K, Chung M, Seo J, Moon J. An approach for classifying internet worms based on temporal behaviors and packet flows. In Advanced Intelligent Computing Theories and Applications: With Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings. Vol. 4681 LNCS. 2007. p. 646-655. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
Lee, Min-Soo ; Shon, Taeshik ; Cho, Kyuhyung ; Chung, Manhyun ; Seo, Jungtaek ; Moon, Jongsub. / An approach for classifying internet worms based on temporal behaviors and packet flows. Advanced Intelligent Computing Theories and Applications: With Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings. Vol. 4681 LNCS 2007. pp. 646-655 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{e7be89adb14a4929a040d714426103aa,
title = "An approach for classifying internet worms based on temporal behaviors and packet flows",
abstract = "With the growth of critical worm threats, many researchers have studied worm-related topics and internet anomalies. The researches are mainly concentrated on worm propagation and detection more than the fundamental characteristics of worms. It is very important to know worms' characteristics because the characteristics provide basic resource for worm prevention. Unfortunately, this kind of research cases are very few until now. Moreover the existing researches only focus on understanding the function structure of the worm propagation or the taxonomy of the worm according to a sequence of worm attacks. Thus, in this paper, we try to confirm the formalized pattern of the worm action from the existing researches and analyze the report of the anti-virus companies. Finally, we define the formalized actions based on temporal behaviors and worm packet flows, and we apply our proposed method for the new worm classification.",
keywords = "Taxonomy of worm, Temporal behavior, Ubiquitous security, Worm packet flows",
author = "Min-Soo Lee and Taeshik Shon and Kyuhyung Cho and Manhyun Chung and Jungtaek Seo and Jongsub Moon",
year = "2007",
month = "12",
day = "1",
language = "English",
isbn = "9783540741701",
volume = "4681 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "646--655",
booktitle = "Advanced Intelligent Computing Theories and Applications",

}

TY - GEN

T1 - An approach for classifying internet worms based on temporal behaviors and packet flows

AU - Lee, Min-Soo

AU - Shon, Taeshik

AU - Cho, Kyuhyung

AU - Chung, Manhyun

AU - Seo, Jungtaek

AU - Moon, Jongsub

PY - 2007/12/1

Y1 - 2007/12/1

N2 - With the growth of critical worm threats, many researchers have studied worm-related topics and internet anomalies. The researches are mainly concentrated on worm propagation and detection more than the fundamental characteristics of worms. It is very important to know worms' characteristics because the characteristics provide basic resource for worm prevention. Unfortunately, this kind of research cases are very few until now. Moreover the existing researches only focus on understanding the function structure of the worm propagation or the taxonomy of the worm according to a sequence of worm attacks. Thus, in this paper, we try to confirm the formalized pattern of the worm action from the existing researches and analyze the report of the anti-virus companies. Finally, we define the formalized actions based on temporal behaviors and worm packet flows, and we apply our proposed method for the new worm classification.

AB - With the growth of critical worm threats, many researchers have studied worm-related topics and internet anomalies. The researches are mainly concentrated on worm propagation and detection more than the fundamental characteristics of worms. It is very important to know worms' characteristics because the characteristics provide basic resource for worm prevention. Unfortunately, this kind of research cases are very few until now. Moreover the existing researches only focus on understanding the function structure of the worm propagation or the taxonomy of the worm according to a sequence of worm attacks. Thus, in this paper, we try to confirm the formalized pattern of the worm action from the existing researches and analyze the report of the anti-virus companies. Finally, we define the formalized actions based on temporal behaviors and worm packet flows, and we apply our proposed method for the new worm classification.

KW - Taxonomy of worm

KW - Temporal behavior

KW - Ubiquitous security

KW - Worm packet flows

UR - http://www.scopus.com/inward/record.url?scp=38049088466&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=38049088466&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:38049088466

SN - 9783540741701

VL - 4681 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 646

EP - 655

BT - Advanced Intelligent Computing Theories and Applications

ER -