Advanced Polymorphic Worms: Evading IDS by Blending in with Normal Traffic

Abstract

Normal traffic can provide worms with a very good source of information to camouflage themselves. In this paper, we explore the concept of polymorphic worms that mutate based on normal traffic. We assume that a worm has already penetrated a system and is trying to hide its presence and propagation attempts from an IDS. We focus on stealthy worms that cannot… (More)

Topics

4 Figures and Tables

Statistics

01020'03'05'07'09'11'13'15'17
Citations per Year

144 Citations

Semantic Scholar estimates that this publication has 144 citations based on the available data.

See our FAQ for additional information.

Slides referencing similar topics