Please use this identifier to cite or link to this item:
https://repository.cihe.edu.hk/jspui/handle/cihe/1365| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Chan, Anthony Hing-Hung | en_US |
| dc.contributor.other | Mohammed, M. M. Z. E. | - |
| dc.contributor.other | Ventura, N. | - |
| dc.contributor.other | Hashim, M. | - |
| dc.contributor.other | Amin, I. | - |
| dc.date.accessioned | 2021-08-20T07:44:47Z | - |
| dc.date.available | 2021-08-20T07:44:47Z | - |
| dc.date.issued | 2009 | - |
| dc.identifier.uri | https://repository.cihe.edu.hk/jspui/handle/cihe/1365 | - |
| dc.description.abstract | Internet worms pose a major threat to institutions, companies, organizations, universities, and the like, and their destruction causes loss of millions of dollars. Therefore, the networks must be protected as much as possible to avoid losses. In this paper we propose automatic and accurate system for signature generation for unknown polymorphic worms. We have designed a novel double-honeynet system, which is able to detect new worms that have not been seen before. The system is based on a modified Knuth-Morris-Pratt Algorithm that uses polymorphic worm substrings to find multiple invariant substrings that are shared between all polymorphic worm instances and use them as signatures. The system is able to generate accurate signatures for single and multiple worms. | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | CSREA Press | en_US |
| dc.title | A modified Knuth-Morris-Pratt Algorithm for zero-day polymorphic worms detection | en_US |
| dc.type | conference proceedings | en_US |
| dc.relation.publication | Proceedings of the 2009 International Conference on Security and Management (SAM) | en_US |
| dc.contributor.affiliation | School of Computing and Information Sciences | en_US |
| dc.relation.isbn | 1601321260 | en_US |
| dc.cihe.affiliated | No | - |
| item.languageiso639-1 | en | - |
| item.fulltext | No Fulltext | - |
| item.openairetype | conference proceedings | - |
| item.grantfulltext | none | - |
| item.openairecristype | http://purl.org/coar/resource_type/c_5794 | - |
| item.cerifentitytype | Publications | - |
| crisitem.author.dept | Yam Pak Charitable Foundation School of Computing and Information Sciences | - |
| crisitem.author.orcid | 0000-0001-7479-0787 | - |
| Appears in Collections: | CIS Publication | |
Show simple item record
Google ScholarTM
Check
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
