Efficient content-based detection of zero-day worms

@article{Akritidis2005EfficientCD,
  title={Efficient content-based detection of zero-day worms},
  author={Periklis Akritidis and Kostas G. Anagnostakis and Evangelos P. Markatos},
  journal={IEEE International Conference on Communications, 2005. ICC 2005. 2005},
  year={2005},
  volume={2},
  pages={837-843 Vol. 2}
}
Recent cybersecurity incidents suggest that Internet worms can spread so fast that in-time human-mediated reaction is not possible, and therefore initial response to cyberattacks has to be automated. The first step towards combating new unknown worms is to be able to detect and identify them at the first stages of their spread. In this paper, we present a novel method for detecting new worms based on identifying similar packet contents directed to multiple destination hosts. We evaluate our…
This paper has 45 citations.