Analyzing Maximum Length of Instruction Sequence in Network Packets for Polymorphic Worm Detection

	This Article
	Subscribers, please Login Purchase article: $19 PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Kohei Tatara Articles by Yoshiaki Hori Articles by Kouichi Sakurai

2008 International Conference on Multimedia and Ubiquitous Engineering (mue 2008)

April 24-April 26

ISBN: 978-0-7695-3134-2

	ASCII Text	x
	Kohei Tatara, Yoshiaki Hori, Kouichi Sakurai, "Analyzing Maximum Length of Instruction Sequence in Network Packets for Polymorphic Worm Detection," Multimedia and Ubiquitous Engineering, International Conference on, pp. 485-489, 2008 International Conference on Multimedia and Ubiquitous Engineering (mue 2008), 2008.

	BibTex	x
	@article{ 10.1109/MUE.2008.119, author = {Kohei Tatara and Yoshiaki Hori and Kouichi Sakurai}, title = {Analyzing Maximum Length of Instruction Sequence in Network Packets for Polymorphic Worm Detection}, journal ={Multimedia and Ubiquitous Engineering, International Conference on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3134-2}, pages = {485-489}, doi = {http://doi.ieeecomputersociety.org/10.1109/MUE.2008.119}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Multimedia and Ubiquitous Engineering, International Conference on TI - Analyzing Maximum Length of Instruction Sequence in Network Packets for Polymorphic Worm Detection SN - 978-0-7695-3134-2 SP485 EP489 A1 - Kohei Tatara, A1 - Yoshiaki Hori, A1 - Kouichi Sakurai, PY - 2008 KW - Polymorphic Worm Detection KW - Abstract Payload Execution VL - 0 JA - Multimedia and Ubiquitous Engineering, International Conference on ER -

Kohei Tatara

Yoshiaki Hori

Kouichi Sakurai

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MUE.2008.119

The importance of the method for finding out the worms that are made through the modification of parts of their original worms increases. It is difficult to detect these worms by comparing with the simple definition that past anti-virus software adapts. Moreover, if it is not an already-known worm, it is not possible to detect it. In this paper, we pay attention to the Toth et al.'s method to extract the executable code included in the data flows on the network and detect the attack by measuring the length of them. Then, we describe the problem of their method and how to solve it.

Index Terms:

Polymorphic Worm Detection, Abstract Payload Execution

Citation:

Kohei Tatara, Yoshiaki Hori, Kouichi Sakurai, "Analyzing Maximum Length of Instruction Sequence in Network Packets for Polymorphic Worm Detection," mue, pp.485-489, 2008 International Conference on Multimedia and Ubiquitous Engineering (mue 2008), 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.