| Presentation | 2005-11-17 Detection of Worm-Infected Hosts by Communication Pattern Analysis Tatsuya MORI, Ryoichi KAWAHARA, Noriaki KAMIYAMA, Keisuke ISHIBASHI, Takeo ABE, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | This paper develops a new method, which detects worm-infected hosts through the analysis of communication pattern of each host. Our approach follows a two-stage strategy. We first introduce the quantitative definition of communication pattern. We show that the worm-infected hosts exhibit intrinsic characteristics of communication pattern, and they can be classified from those of other hosts, through the cluster analysis. We then propose a method to detect worm-infected hosts by applying the defined communication pattern to the Naive Bayesian Classifier (NBC). We validate the accuracy of our method with measured traffic data. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | measurement / worm / detection / communication pattern / cluster analysis / Bayesian Classification |
| Paper # | NS2005-113,CQ2005-67,TM2005-28 |
| Date of Issue |
| Conference Information | |
| Committee | CQ |
|---|---|
| Conference Date | 2005/11/10(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Communication Quality (CQ) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Detection of Worm-Infected Hosts by Communication Pattern Analysis |
| Sub Title (in English) | |
| Keyword(1) | measurement |
| Keyword(2) | worm |
| Keyword(3) | detection |
| Keyword(4) | communication pattern |
| Keyword(5) | cluster analysis |
| Keyword(6) | Bayesian Classification |
| 1st Author's Name | Tatsuya MORI |
| 1st Author's Affiliation | NTT Service Integration Laboratories() |
| 2nd Author's Name | Ryoichi KAWAHARA |
| 2nd Author's Affiliation | NTT Service Integration Laboratories |
| 3rd Author's Name | Noriaki KAMIYAMA |
| 3rd Author's Affiliation | NTT Service Integration Laboratories |
| 4th Author's Name | Keisuke ISHIBASHI |
| 4th Author's Affiliation | NTT Information Platform Sharing Laboratories |
| 5th Author's Name | Takeo ABE |
| 5th Author's Affiliation | NTT Service Integration Laboratories |
| Date | 2005-11-17 |
| Paper # | NS2005-113,CQ2005-67,TM2005-28 |
| Volume (vol) | vol.105 |
| Number (no) | 406 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |