Please use this identifier to cite or link to this item:
https://repository.cihe.edu.hk/jspui/handle/cihe/1375| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Chan, Anthony Hing-Hung | en_US |
| dc.contributor.other | Mohammed, M. M. Z. E. | - |
| dc.contributor.other | Ventura, N. | - |
| dc.date.accessioned | 2021-08-23T04:54:36Z | - |
| dc.date.available | 2021-08-23T04:54:36Z | - |
| dc.date.issued | 2008 | - |
| dc.identifier.uri | https://repository.cihe.edu.hk/jspui/handle/cihe/1375 | - |
| dc.description.abstract | Signature-based intrusion detection systems (IDSs) can be evaded by polymorphic worms which vary their payloads in every infection attempt. In this paper, we propose Honeycyber, a system for automated signature generation for zero-day polymorphic worms. We have designed a novel double-Honeynet system, which is able to automatically detect new worms and isolate the attack traffic from innocuous traffic. We introduce unlimited Honeynet outbound connections, which allow us to capture different payloads in every infection of the same worm. The system is able to generate signatures to match most polymorphic worm instances with low false positives and low false negatives. | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | IEEE | en_US |
| dc.title | Honeycyber: Automated signature generation for zero-day polymorphic worms | en_US |
| dc.type | conference proceedings | en_US |
| dc.relation.publication | Proceedings of the 2008 IEEE Military Communications Conference (MILCOM) | en_US |
| dc.identifier.doi | 10.1109/MILCOM.2008.4753178 | - |
| dc.contributor.affiliation | School of Computing and Information Sciences | en_US |
| dc.relation.isbn | 9781424426768 | en_US |
| dc.description.startpage | 980 | - |
| dc.description.endpage | 985 | - |
| dc.cihe.affiliated | No | - |
| item.languageiso639-1 | en | - |
| item.fulltext | No Fulltext | - |
| item.openairetype | conference proceedings | - |
| item.grantfulltext | none | - |
| item.openairecristype | http://purl.org/coar/resource_type/c_5794 | - |
| item.cerifentitytype | Publications | - |
| crisitem.author.dept | Yam Pak Charitable Foundation School of Computing and Information Sciences | - |
| crisitem.author.orcid | 0000-0001-7479-0787 | - |
| Appears in Collections: | CIS Publication | |
Show simple item record
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
