Detecting Worms via Mining Dynamic Program Execution

  title={Detecting Worms via Mining Dynamic Program Execution},
  • Published 2007
Worm attacks have been major security threats to the Internet. Detecting worms, especially new, unseen worms, is still a challenging problem. In this paper, we propose a new worm detection approach based on mining the dynamic program executions. This approach can capture the dynamic behavior of executables to provide accurate and efficient detection against both seen and unseen worms. In particular, we execute a large number of real-world worms and benign executables, and trace their system… CONTINUE READING
Highly Cited
This paper has 39 citations. REVIEW CITATIONS