A Novel Approach to Worm Detection Systems

Date

2015-07-28

Advisors

Journal Title

Journal ISSN

ISSN

Volume Title

Publisher

IEEE

Type

Conference

Peer reviewed

Yes

Abstract

Computer worms are a type of malicious malware that prey on networked machines. A number of different detection mechanisms have been presented in the literature to detect worms. However, a common drawback of these mechanisms is that any failure to detect the worms results in damaging the real machines. This study proposes a new approach to detection that goes beyond the currently available signature and behavior-based approaches. In contrast to the traditional worm detection system (𝑊𝐷𝑆) that use signature and behavior-based approaches, our proposed approach is based on detection by the damage caused by worms on dummy machines rather than the real machines. The proposed 𝑊𝐷𝑆 adds additional security as compared to the currently used systems by allowing worms to conduct their normal behavior in a dummy host, thus protecting the rest of the network from damage. The proposed 𝑊𝐷𝑆 was designed within a network setting and was capable of sending and receiving files and messages between hosts as part of the overall detection mechanism.

Description

Keywords

Worms detection, computer security, dummy host, behaviour-based, signature-based, damage

Citation

Al-Saawy, Y.B., Cau, A. and Siewe, F. (2015). A Novel Approach to Worm Detection Systems. Science and Information Conference 2015, London, Uk, pp. 1201--1205

Rights

Research Institute