Altyeb Altaher Altyeb

Learn More
It is now well known that Internet traffic exhibits selfsimilarity, which cannot be described by traditional Markovian models such as the Poisson process. The causes of self-similarity of network traffic must be identified because understanding the nature of network traffic is critical in order to properly design and implement computer networks and network(More)
Polymorphic worms evade network security systems by varying their payload every time an infection is attempted. The payload's variation operation is performed by using built-in self content encryptor. However, all encrypted payloads share the same invariant exploit code to ensure exploiting same vulnerability in same manner on all victims. This research(More)
A number of studies on traffic measurement from a variety of working networks have demonstrated that actual network traffic is self-similar in nature (traffic observed at different time resolutions has similar statistical properties, and this phenomenon cannot be modeled well by traditional traffic models such as Poisson and Markovian processes). The causes(More)
The exhaustion of IPv4 addresses on November 2011 has made the future of the internet in the IPv6 and raised new challenges in the network security research. This paper proposed a dual stack ipv4/ipv6 network testbed for dealing with the designation and implementation of an intelligent approach for malware detection in IPv6 networks. All the equipments,(More)
We present a worm detection system that leverages the reliability of IP-Flow and the effectiveness of learning machines. Typically, a host infected by a scanning or an email worm initiates a significant amount of traffic that does not rely on DNS to translate names into numeric IP addresses. Based on this fact, we capture and classify NetFlow records to(More)
  • 1