On the Effectiveness of multi-similarity for early detection of worms

P
PDCAT
2005
Sixth International Conference on Parallel and Distributed Computing Applications and Technologies (PDCAT'05)
Abstract - On the Effectiveness of multi-similarity for early detection of worms

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Hui He Articles by Mingzeng Hu Articles by Hongli Zhang Articles by Zhenjiang Tang

Sixth International Conference on Parallel and Distributed Computing Applications and Technologies (PDCAT'05)

Dalian, China

December 05-December 08

ISBN: 0-7695-2405-2

	ASCII Text	x
	Hui He, Mingzeng Hu, Hongli Zhang, Zhenjiang Tang, "On the Effectiveness of multi-similarity for early detection of worms," Parallel and Distributed Computing Applications and Technologies, International Conference on, pp. 229-233, Sixth International Conference on Parallel and Distributed Computing Applications and Technologies (PDCAT'05), 2005.

	BibTex	x
	@article{ 10.1109/PDCAT.2005.258, author = {Hui He and Mingzeng Hu and Hongli Zhang and Zhenjiang Tang}, title = {On the Effectiveness of multi-similarity for early detection of worms}, journal ={Parallel and Distributed Computing Applications and Technologies, International Conference on}, volume = {0}, year = {2005}, isbn = {0-7695-2405-2}, pages = {229-233}, doi = {http://doi.ieeecomputersociety.org/10.1109/PDCAT.2005.258}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Parallel and Distributed Computing Applications and Technologies, International Conference on TI - On the Effectiveness of multi-similarity for early detection of worms SN - 0-7695-2405-2 SP229 EP233 A1 - Hui He, A1 - Mingzeng Hu, A1 - Hongli Zhang, A1 - Zhenjiang Tang, PY - 2005 KW - null VL - 0 JA - Parallel and Distributed Computing Applications and Technologies, International Conference on ER -

Hui He, Harbin Institute of Technology, China

Mingzeng Hu, Harbin Institute of Technology, China

Hongli Zhang, Harbin Institute of Technology, China

Zhenjiang Tang, Harbin Institute of Technology, China

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/PDCAT.2005.258

In this paper, an effective algorithm for early detection of worms is proposed. The early detection algorithm based on multi-similarity integrates the worms? behavior attributes with their traffic distribution and detects abnormal behavior by their similarity distribution change of some attributes. Three groups of experiments are conducted to evaluate the effectiveness of the algorithm. The results show that the multi-similarity owning the specialty of higher true positive, lower false positive and false negative. It can be conclude that the algorithm can detect the worm attack ahead of its overspreading on the large-scale network.

Citation:

Hui He, Mingzeng Hu, Hongli Zhang, Zhenjiang Tang, "On the Effectiveness of multi-similarity for early detection of worms," pdcat, pp.229-233, Sixth International Conference on Parallel and Distributed Computing Applications and Technologies (PDCAT'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.