An approach for classifying internet worms based on temporal behaviors and packet flows

Min-Soo Lee; Taeshik Shon; Kyuhyung Cho; Manhyun Chung; Jungtaek Seo; Jongsub Moon

An approach for classifying internet worms based on temporal behaviors and packet flows

Min-Soo Lee, Taeshik Shon, Kyuhyung Cho, Manhyun Chung, Jungtaek Seo, Jongsub Moon

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

With the growth of critical worm threats, many researchers have studied worm-related topics and internet anomalies. The researches are mainly concentrated on worm propagation and detection more than the fundamental characteristics of worms. It is very important to know worms' characteristics because the characteristics provide basic resource for worm prevention. Unfortunately, this kind of research cases are very few until now. Moreover the existing researches only focus on understanding the function structure of the worm propagation or the taxonomy of the worm according to a sequence of worm attacks. Thus, in this paper, we try to confirm the formalized pattern of the worm action from the existing researches and analyze the report of the anti-virus companies. Finally, we define the formalized actions based on temporal behaviors and worm packet flows, and we apply our proposed method for the new worm classification.

Original language	English
Title of host publication	Advanced Intelligent Computing Theories and Applications
Subtitle of host publication	With Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings
Pages	646-655
Number of pages	10
Volume	4681 LNCS
Publication status	Published - 2007 Dec 1
Event	3rd International Conference on Intelligent Computing, ICIC 2007 - Qingdao, China Duration: 2007 Aug 21 → 2007 Aug 24

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	4681 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	3rd International Conference on Intelligent Computing, ICIC 2007
Country/Territory	China
City	Qingdao
Period	07/8/21 → 07/8/24

Keywords

Taxonomy of worm
Temporal behavior
Ubiquitous security
Worm packet flows

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

Cite this

Lee, M-S., Shon, T., Cho, K., Chung, M., Seo, J., & Moon, J. (2007). An approach for classifying internet worms based on temporal behaviors and packet flows. In Advanced Intelligent Computing Theories and Applications: With Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings (Vol. 4681 LNCS, pp. 646-655). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4681 LNCS).

An approach for classifying internet worms based on temporal behaviors and packet flows. / Lee, Min-Soo; Shon, Taeshik; Cho, Kyuhyung et al.
Advanced Intelligent Computing Theories and Applications: With Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings. Vol. 4681 LNCS 2007. p. 646-655 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4681 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Lee, M-S, Shon, T, Cho, K, Chung, M, Seo, J & Moon, J 2007, An approach for classifying internet worms based on temporal behaviors and packet flows. in Advanced Intelligent Computing Theories and Applications: With Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings. vol. 4681 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4681 LNCS, pp. 646-655, 3rd International Conference on Intelligent Computing, ICIC 2007, Qingdao, China, 07/8/21.

Lee M-S, Shon T, Cho K, Chung M, Seo J, Moon J. An approach for classifying internet worms based on temporal behaviors and packet flows. In Advanced Intelligent Computing Theories and Applications: With Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings. Vol. 4681 LNCS. 2007. p. 646-655. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

Lee, Min-Soo ; Shon, Taeshik ; Cho, Kyuhyung et al. / An approach for classifying internet worms based on temporal behaviors and packet flows. Advanced Intelligent Computing Theories and Applications: With Aspects of Theoretical and Methodological Issues - Third International Conference on Intelligent Computing, ICIC 2007, Proceedings. Vol. 4681 LNCS 2007. pp. 646-655 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{e7be89adb14a4929a040d714426103aa,

title = "An approach for classifying internet worms based on temporal behaviors and packet flows",

abstract = "With the growth of critical worm threats, many researchers have studied worm-related topics and internet anomalies. The researches are mainly concentrated on worm propagation and detection more than the fundamental characteristics of worms. It is very important to know worms' characteristics because the characteristics provide basic resource for worm prevention. Unfortunately, this kind of research cases are very few until now. Moreover the existing researches only focus on understanding the function structure of the worm propagation or the taxonomy of the worm according to a sequence of worm attacks. Thus, in this paper, we try to confirm the formalized pattern of the worm action from the existing researches and analyze the report of the anti-virus companies. Finally, we define the formalized actions based on temporal behaviors and worm packet flows, and we apply our proposed method for the new worm classification.",

keywords = "Taxonomy of worm, Temporal behavior, Ubiquitous security, Worm packet flows",

author = "Min-Soo Lee and Taeshik Shon and Kyuhyung Cho and Manhyun Chung and Jungtaek Seo and Jongsub Moon",

year = "2007",

month = dec,

day = "1",

language = "English",

isbn = "9783540741701",

volume = "4681 LNCS",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "646--655",

booktitle = "Advanced Intelligent Computing Theories and Applications",

note = "3rd International Conference on Intelligent Computing, ICIC 2007 ; Conference date: 21-08-2007 Through 24-08-2007",

}

TY - GEN

T1 - An approach for classifying internet worms based on temporal behaviors and packet flows

AU - Lee, Min-Soo

AU - Shon, Taeshik

AU - Cho, Kyuhyung

AU - Chung, Manhyun

AU - Seo, Jungtaek

AU - Moon, Jongsub

PY - 2007/12/1

Y1 - 2007/12/1

N2 - With the growth of critical worm threats, many researchers have studied worm-related topics and internet anomalies. The researches are mainly concentrated on worm propagation and detection more than the fundamental characteristics of worms. It is very important to know worms' characteristics because the characteristics provide basic resource for worm prevention. Unfortunately, this kind of research cases are very few until now. Moreover the existing researches only focus on understanding the function structure of the worm propagation or the taxonomy of the worm according to a sequence of worm attacks. Thus, in this paper, we try to confirm the formalized pattern of the worm action from the existing researches and analyze the report of the anti-virus companies. Finally, we define the formalized actions based on temporal behaviors and worm packet flows, and we apply our proposed method for the new worm classification.

AB - With the growth of critical worm threats, many researchers have studied worm-related topics and internet anomalies. The researches are mainly concentrated on worm propagation and detection more than the fundamental characteristics of worms. It is very important to know worms' characteristics because the characteristics provide basic resource for worm prevention. Unfortunately, this kind of research cases are very few until now. Moreover the existing researches only focus on understanding the function structure of the worm propagation or the taxonomy of the worm according to a sequence of worm attacks. Thus, in this paper, we try to confirm the formalized pattern of the worm action from the existing researches and analyze the report of the anti-virus companies. Finally, we define the formalized actions based on temporal behaviors and worm packet flows, and we apply our proposed method for the new worm classification.

KW - Taxonomy of worm

KW - Temporal behavior

KW - Ubiquitous security

KW - Worm packet flows

UR - http://www.scopus.com/inward/record.url?scp=38049088466&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=38049088466&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:38049088466

SN - 9783540741701

VL - 4681 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 646

EP - 655

BT - Advanced Intelligent Computing Theories and Applications

T2 - 3rd International Conference on Intelligent Computing, ICIC 2007

Y2 - 21 August 2007 through 24 August 2007

ER -

An approach for classifying internet worms based on temporal behaviors and packet flows

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this