Earticle

초록

영어

Worms are self –replicating, fast moving malicious codes, capable of spreading themselves without human interaction. It’s a weapon of choice for those, who like to launch destructive attacks on network or internet as a whole. Recently there emerge more sophisticated worms such as polymorphic worm which vary their payload in every infection attempt. Polymorphic worms have more than one mutated instances. It is very important to detect and prevent such worms quickly and accurately at their early phase of infection. There are several worm detection and containment methods available. This paper surveys recent automated signature based detection of polymorphic worms and presents a classification for various signature approaches. There are two main categories of worm signatures, exploit specific and vulnerability driven. Both categories of signature are either network-based or host based. Each signature generation scheme is described and discussed in appropriate category. We analyze and compare different signature schemes. The paper concludes with challenge and scope of future research directions.

목차

Abstract
 1. Introduction
 2. Anatomy of Polymorphic worms:
 3. Classification of Polymorphic Worm Signatures
 4. Exploit-specific (Network Based) Signature Generation:
 5. Exploit Specific (Host based) signature:
 6. Vulnerability – Driven (Network Based) signature:
 7. Vulnerability- Driven (Host Based) signature:
 8. Comparison of Polymorphic worm signature Generation techniques:
 9. Conclusion and Future Work
 Acknowledgements
 References

키워드

저자

• Sounak Paul [ Dept. of Information Technology, Birla Institute of Technology, Mesra, Ranchi, India ]
• Bimal Kumar Mishra [ Dept. of Applied Mathematics, Birla Institute of Technology, Mesra, Ranchi, India ]

참고문헌

발행기관

간행물

표지보기 관심저널 등록

• 간행물명

  International Journal of u- and e- Service, Science and Technology

• 간기

  격월간

• pISSN

  2005-4246

• 수록기간

  2008~2016

• 십진분류

  KDC 505 DDC 605