Spectral Flatness Measurements for Detection of C-Worms

Rajesh Jaladi; Mr. Rakesh Nayak

doi:https://doi.org/10.14445/22312803/IJCTT-V4I2P128

Research Article | Open Access | Download PDF

Volume 4 | Issue 2 | Year 2013 | Article Id. IJCTT-V4I2P128 | DOI : https://doi.org/10.14445/22312803/IJCTT-V4I2P128

Spectral Flatness Measurements for Detection of C-Worms

Rajesh Jaladi , Mr. Rakesh Nayak

Citation :

Rajesh Jaladi , Mr. Rakesh Nayak, "Spectral Flatness Measurements for Detection of C-Worms," International Journal of Computer Trends and Technology (IJCTT), vol. 4, no. 2, pp. 189-193, 2013. Crossref, https://doi.org/10.14445/22312803/IJCTT-V4I2P128

Abstract

Active Worms such as Morris(1988), CodeRed(2001)[1], Nimda(2001), Slammer worm(2003),Blaster(2003) and Witty(2004) had always caused large parts of the Internet to be temporarily inaccessible, costing both public and private sectors millions of dollars. We identified a hard to detect new class of worms like C-worms that has the ability to camouflage its propagation by intelligently manipulating its scanning traffic volume over time so that its propagation goes undetected by the existing worm detection schemes and file-sharing worms which propagate within a relatively smaller community.

Keywords

PSD, ESD, SFM.

References

[1] D. Moore, C. Shannon, and J. Brown, “Code-Red: A Case Study on the Spread and Victims of an Internet Worm,” Proc. Second Internet Measurement Workshop (IMW), Nov. 2002.
[2] R. Vogt, J. Aycock, and M. Jacobson, “Quorum Sensing and Self- Stopping Worms,” Proc. Fifth ACM Workshop Recurring Malcode (WORM), Oct. 2007.
[3] S. Staniford, V. Paxson, and N. Weaver, “How to Own the Internet in Your Spare Time,” Proc. 11th USENIX Security Symp. (SECURITY), Aug. 2002.
[4] Z.S. Chen, L.X. Gao, and K. Kwiat, “Modeling the Spread of Active Worms,” Proc. IEEE INFOCOM, Mar. 2003.
[5] M. Garetto, W.B. Gong, and D. Towsley, “Modeling Malware Spreading Dynamics,” Proc. IEEE INFOCOM, Mar. 2003.
[6] C. Zou, W.B. Gong, D. Towsley, and L.X. Gao, “Monitoring and Early Detection for Internet Worms,” Proc. 10th ACM Conf. Computer and Comm. Security (CCS), Oct. 2003.
[7] W. Yu, S. Chellappan, C. Boyer, and D. Xuan, “Peer-to-Peer System-Based Active Worm Attacks: Modeling and Analysis,” Proc. IEEE Int’l Conf. Comm. (ICC), May 2005.
[8] D. Ha and H. Ngo, “On the Trade-Off between Speed and Resiliency of Flash Worms and Similar Malcodes,” Proc. Fifth ACM Workshop Recurring Malcode (WORM), Oct. 2007.
[9] W. Yu, X. Wang, D. Xuan, and D. Lee, “Effective Detection of Active Worms with Varying Scan Rate,” Proc. IEEE Int’l Conf. Security and Privacy in Comm. Networks (SECURECOMM), Aug. 2006. [10] S. Venkataraman, D. Song, P. Gibbons, and A. Blum,“New streaming algorithms for superspreader detection,” in Proceedings of the 12-th IEEE Network andDistributed Systems Security Symposium (NDSS), SanDiego, CA, Febrary 2005.
[11] J. Wu, S. Vangala, and L. X. Gao, “An effective architecture and algorithm for detecting worms with various scan techniques,” in Proceedings of the 11-thIEEE Network and Distributed System Security Symposium (NDSS), San Diego, CA, Febrary 2004.