Please use this identifier to cite or link to this item:
https://repository.cihe.edu.hk/jspui/handle/cihe/1372| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Chan, Anthony Hing-Hung | en_US |
| dc.contributor.other | Mohammed, M. M. Z. E. | - |
| dc.date.accessioned | 2021-08-23T04:31:32Z | - |
| dc.date.available | 2021-08-23T04:31:32Z | - |
| dc.date.issued | 2008 | - |
| dc.identifier.uri | https://repository.cihe.edu.hk/jspui/handle/cihe/1372 | - |
| dc.description.abstract | Polymorphic worms evade signature-based intrusion detection systems (IDSs) by varying their payloads on every infection attempt. In this paper, we propose a system for automated signature generation for polymorphic worms. We design a novel double-honeynet system which is able to automatically detect unknown polymorphic worms. We propose signatures with multiple substrings to match most of the worm instances with low false positives and low false negatives. Our system applies signature-based detection, protocol anomaly detection, and protocol semantics awareness to the network traffic that is captured by the double-honeynet. | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | IEEE | en_US |
| dc.title | Fast automated signature generation for polymorphic worms using double-honeynet | en_US |
| dc.type | conference proceedings | en_US |
| dc.relation.publication | Proceedings of the 2008 Third International Conference on Broadband Communications, Information Technology & Biomedical Applications (BROADCOM) | en_US |
| dc.identifier.doi | 10.1109/BROADCOM.2008.21 | - |
| dc.contributor.affiliation | School of Computing and Information Sciences | en_US |
| dc.relation.isbn | 9781424432813 | en_US |
| dc.description.startpage | 142 | en_US |
| dc.description.endpage | 147 | en_US |
| dc.cihe.affiliated | No | - |
| item.openairecristype | http://purl.org/coar/resource_type/c_5794 | - |
| item.cerifentitytype | Publications | - |
| item.grantfulltext | none | - |
| item.languageiso639-1 | en | - |
| item.openairetype | conference proceedings | - |
| item.fulltext | No Fulltext | - |
| crisitem.author.dept | School of Computing and Information Sciences | - |
| crisitem.author.orcid | 0000-0001-7479-0787 | - |
| Appears in Collections: | CIS Publication | |
Show simple item record
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
