Please use this identifier to cite or link to this item:
https://repository.cihe.edu.hk/jspui/handle/cihe/1355| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Chan, Anthony Hing-Hung | en_US |
| dc.date.accessioned | 2021-08-19T09:54:36Z | - |
| dc.date.available | 2021-08-19T09:54:36Z | - |
| dc.date.issued | 2010 | - |
| dc.identifier.uri | https://repository.cihe.edu.hk/jspui/handle/cihe/1355 | - |
| dc.description.abstract | Polymorphic worms pose a big challenge to the Internet security. The difficulty of detection of such a polymorphic worm is that it has more than one instance and very large efforts are needed to capture all these instances and to generate signatures. This paper proposes automatic system for signature generation for zero-day polymorphic worms. We have designed a novel double-honeynet system, which is able to detect new worms that have not been seen before. We apply Principal Component Analysis (PCA) to determine the most significant substrings that are shared between polymorphic worm instances and to use them as signatures. The system is able to generate signatures to match most polymorphic worm instances with low false positives and low false negatives. | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | IEEE | en_US |
| dc.title | Detection of zero-day polymorphic worms using principal component analysis | en_US |
| dc.type | conference proceedings | en_US |
| dc.relation.publication | Proceedings of the 2010 Sixth International Conference on Networking and Services (ICNS) | en_US |
| dc.identifier.doi | 10.1109/ICNS.2010.45 | - |
| dc.contributor.affiliation | School of Computing and Information Sciences | en_US |
| dc.relation.isbn | 9781424459278 | en_US |
| dc.description.startpage | 277 | en_US |
| dc.description.endpage | 281 | en_US |
| dc.cihe.affiliated | No | - |
| item.openairecristype | http://purl.org/coar/resource_type/c_5794 | - |
| item.grantfulltext | none | - |
| item.cerifentitytype | Publications | - |
| item.languageiso639-1 | en | - |
| item.fulltext | No Fulltext | - |
| item.openairetype | conference proceedings | - |
| crisitem.author.dept | School of Computing and Information Sciences | - |
| crisitem.author.orcid | 0000-0001-7479-0787 | - |
| Appears in Collections: | CIS Publication | |
Show simple item record
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
