| Presentation | 2006-07-13 A Study on Automatic Classification of Worm Flows Based on Common Pieces of Flow Payloads Hiroshi TSUNODA, Yuji WAIZUMI, Zheng SEKIBE, Yoshiaki NEMOTO, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Security management is a core issue in the current Internet, and illegal accesses is a serious problem in security management. Among various types of illegal accesses, damage caused by Internet worms has become a social problems. For avoiding and mitigating the damage from worms, early detection and appropriate responses depending on the type of worms are required. Although signature-based intrusion detection systems (IDSs) are useful countermeasures for worms, classification result of detected worms may differ for different among IDSs, because signatures are criteria on distinction of the worm type. This can incur confusion on appropriate responses for worms. In this paper, we presents a worm classification system based on the common pieces included in the payload of the same type of worms. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Worm / Flow payload / Common token / Signature |
| Paper # | CQ2006-20 |
| Date of Issue |
| Conference Information | |
| Committee | CQ |
|---|---|
| Conference Date | 2006/7/6(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Communication Quality (CQ) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Study on Automatic Classification of Worm Flows Based on Common Pieces of Flow Payloads |
| Sub Title (in English) | |
| Keyword(1) | Worm |
| Keyword(2) | Flow payload |
| Keyword(3) | Common token |
| Keyword(4) | Signature |
| 1st Author's Name | Hiroshi TSUNODA |
| 1st Author's Affiliation | Graduate School of Information Sciences, Tohoku University() |
| 2nd Author's Name | Yuji WAIZUMI |
| 2nd Author's Affiliation | Graduate School of Information Sciences, Tohoku University |
| 3rd Author's Name | Zheng SEKIBE |
| 3rd Author's Affiliation | Graduate School of Information Sciences, Tohoku University:NIPPON TELEGRAPH AND TELEPHON EAST CORPORATION |
| 4th Author's Name | Yoshiaki NEMOTO |
| 4th Author's Affiliation | Graduate School of Information Sciences, Tohoku University |
| Date | 2006-07-13 |
| Paper # | CQ2006-20 |
| Volume (vol) | vol.106 |
| Number (no) | 153 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |