Is early warning of an imminent worm epidemic possible?

Hyundo Park, Hyogon Kim, Heejo Lee

Research output: Contribution to journal, Article

3 Citations (Scopus)

Abstract

This article introduces a novel anomaly detection method that makes use of only matrix operations and is highly sensitive to randomness in traffic. The sensitivity can be leveraged to detect attacks that exude randomness in traffic characteristics, such as denial-of-service attacks and worms. In particular, we show that the method can be used to alert of the imminent onset of a worm epidemic in a statistically sound manner, irrespective of the worm's scanning strategies.

Original language: English
Pages (from-to): 14-20
Number of pages: 7
Journal: IEEE Network
Volume: 23
Issue number: 5
Publication status: Published - 2009

Keywords

  • Data mining
  • Filtering
  • Grippers
  • IP networks
  • Internet
  • Layout
  • Monitoring

ASJC Scopus subject areas

  • Software
  • Information Systems
  • Hardware and Architecture
  • Computer Networks and Communications
