Is early warning of an imminent worm epidemic possible?

    Research output: Contribution to journal, Article, peer-review

    3 Citations (Scopus)

    Abstract

    This article introduces a novel anomaly detection method that makes use of only matrix operations and is highly sensitive to randomness in traffic. The sensitivity can be leveraged to detect attacks that exude randomness in traffic characteristics, such as denial-of-service attacks and worms. In particular, we show that the method can be used to alert of the imminent onset of a worm epidemic in a statistically sound manner, irrespective of the worm's scanning strategies.

    Original language: English
    Pages (from-to): 14-20
    Number of pages: 7
    Journal: IEEE Network
    Volume: 23
    Issue number: 5
    Publication status: Published - 2009

    Bibliographical note

    Funding Information:
    This work was supported in part by the ITRC program of the Korea Ministry of Knowledge Economy (MKE), the IT R&D program of MKE/IITA(2009-S-026-01), the Defense Acquisition Program Administration and Agency for Defense Development, and the Korea Research Foundation Grant 2009-0080413.

    Keywords

    • Data mining
    • Filtering
    • Grippers
    • IP networks
    • Internet
    • Layout
    • Monitoring

    ASJC Scopus subject areas

    • Software
    • Information Systems
    • Hardware and Architecture
    • Computer Networks and Communications
