Is early warning of an imminent worm epidemic possible?

Hyundo Park, Hyogon Kim, Heejo Lee

Research output: Contribution to journal › Article

3 Citations (Scopus)

Abstract

This article introduces a novel anomaly detection method that makes use of only matrix operations and is highly sensitive to randomness in traffic. The sensitivity can be leveraged to detect attacks that exude randomness in traffic characteristics, such as denial-of-service attacks and worms. In particular, we show that the method can be used to alert of the imminent onset of a worm epidemic in a statistically sound manner, irrespective of the worm's scanning strategies.

Original language: English
Pages (from-to): 14-20
Number of pages: 7
Journal: IEEE Network
Volume: 23
Issue number: 5
DOI: 10.1109/MNET.2009.5274917
Publication status: Published - 2009 Oct 22

Fingerprint

Telecommunication traffic
Acoustic waves
Scanning
Denial-of-service attack

Keywords

  • Data mining
  • Filtering
  • Grippers
  • Internet
  • IP networks
  • Layout
  • Monitoring

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Information Systems
  • Software

Cite this

Is early warning of an imminent worm epidemic possible? / Park, Hyundo; Kim, Hyogon; Lee, Heejo.

In: IEEE Network, Vol. 23, No. 5, 22.10.2009, p. 14-20.

@article{ca6fb647764a44939890cc9f7a2a8067,
title = "Is early warning of an imminent worm epidemic possible?",
abstract = "This article introduces a novel anomaly detection method that makes use of only matrix operations and is highly sensitive to randomness in traffic. The sensitivity can be leveraged to detect attacks that exude randomness in traffic characteristics, such as denial-of-service attacks and worms. In particular, we show that the method can be used to alert of the imminent onset of a worm epidemic in a statistically sound manner, irrespective of the worm's scanning strategies.",
keywords = "Data mining, Filtering, Grippers, Internet, IP networks, Layout, Monitoring",
author = "Hyundo Park and Hyogon Kim and Heejo Lee",
year = "2009",
month = "10",
day = "22",
doi = "10.1109/MNET.2009.5274917",
language = "English",
volume = "23",
pages = "14--20",
journal = "IEEE Network",
issn = "0890-8044",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "5",

}
