A behavioral approach to worm detection

@inproceedings{Ellis2004ABA,
  title={A behavioral approach to worm detection},
  author={Daniel R. Ellis and John G. Aiken and Kira S. Attwood and Scott D. Tenaglia},
  booktitle={WORM},
  year={2004}
}
This paper presents a new approach to the automatic detection of worms using behavioral signatures. A behavioral signature describes aspects of any particular worm's behavior that are common across the manifestations of a given worm and that span its nodes in temporal order. Characteristic patterns of worm behaviors in network traffic include 1) sending similar data from one machine to the next, 2) tree-like propagation and reconnaissance, and 3) changing a server into a client. These… CONTINUE READING

Citations

Publications citing this paper.
SHOWING 1-10 OF 132 CITATIONS

A Comparative Study of Virus Detection Techniques

VIEW 6 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

Behaviour-based virus analysis and detection

VIEW 6 EXCERPTS
CITES METHODS & BACKGROUND
HIGHLY INFLUENCED

Cryptology and Network Security

  • Lecture Notes in Computer Science
  • 2013
VIEW 7 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

A mathematical exploitation of simulated uniform scanning botnet propagation dynamics for early stage detection and management

  • Journal of Computer Virology and Hacking Techniques
  • 2013
VIEW 3 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

FILTER CITATIONS BY YEAR

2005
2018

CITATION STATISTICS

  • 9 Highly Influenced Citations

  • Averaged 4 Citations per year from 2017 through 2019

References

Publications referenced by this paper.
SHOWING 1-3 OF 3 REFERENCES

Worms vs. perimeters: the case for hard-LANs

  • Proceedings. 12th Annual IEEE Symposium on High Performance Interconnects
  • 2004
VIEW 5 EXCERPTS
HIGHLY INFLUENTIAL

The Design of GrIDS: A Graph-Based Intrusion Detection System

Stuart Staniford
  • UCD Technical Report CSE-99-2,
  • 1999
VIEW 4 EXCERPTS
HIGHLY INFLUENTIAL