東華大學圖書館 |

語系: 繁體中文

說明(常見問題)

回圖書館首頁

手機版館藏查詢

登入

回首頁

切換: 標籤 | MARC模式 | ISBD

Design and implementation of a worm ...

Concordia University (Canada).

FindBook

Google Book

Amazon

博客來

Design and implementation of a worm detection and mitigation system.

紀錄類型:	書目-電子資源 : Monograph/item
正題名/作者:	Design and implementation of a worm detection and mitigation system./
作者:	Binsalleeh, Hamad.
面頁冊數:	65 p.
附註:	Source: Masters Abstracts International, Volume: 47-01, page: 0399.
Contained By:	Masters Abstracts International47-01.
標題:	Computer Science. -
電子資源:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=MR40903
ISBN:	9780494409039

Design and implementation of a worm detection and mitigation system.
Binsalleeh, Hamad.

Design and implementation of a worm detection and mitigation system. - 65 p.

Source: Masters Abstracts International, Volume: 47-01, page: 0399.

Thesis (M.A.Sc.)--Concordia University (Canada), 2008.

The developed system has been tested with real worms in a controlled network environment. The obtained experimental results confirm the soundness and effectiveness of the developed system.

ISBN: 9780494409039Subjects--Topical Terms:

626642
Computer Science.

Design and implementation of a worm detection and mitigation system.
LDR:03143nmm 2200289 a 45 001 867547
005 20100804
008 100804s2008 ||||||||||||||||| ||eng d
020 $a 9780494409039
035 $a (UMI)AAIMR40903
035 $a AAIMR40903
040 $a UMI $c UMI
100 1 $a Binsalleeh, Hamad. $3 1036291
245 1 0 $a Design and implementation of a worm detection and mitigation system.
300 $a 65 p.
500 $a Source: Masters Abstracts International, Volume: 47-01, page: 0399.
502 $a Thesis (M.A.Sc.)--Concordia University (Canada), 2008.
520 $a The developed system has been tested with real worms in a controlled network environment. The obtained experimental results confirm the soundness and effectiveness of the developed system.
520 $a Internet worms are self-replicating malware programs that use the Internet to replicate themselves and propagate to other vulnerable nodes without any user intervention. In addition to consuming the valuable network bandwidth, worms may also cause other harms to the infected nodes and networks. Currently, the economic damage of Internet worms' attacks has reached a level that made early detection and mitigation of Internet worms a top priority for security professionals within enterprise networks and service providers.
520 $a While the majority of legitimate Internet services rely on the Domain Name System (DNS) to provide the translation between the alphanumeric human memorizable host names and their corresponding IP addresses, scanning worms typically use numeric IP addresses to reach their target victims instead of domain names and hence eliminate the need for DNS queries before new connections are established by the worms. Similarly, modern mass-mailing worms employ their own SMTP engine to bypass local mail servers security measures. However, they still rely on the DNS servers for locating the respective mail servers of their intended victims. Creating host-based Mail eXchange (MX) requests is a violation of the typical communication pattern because these requests are supposed to only take place between mail servers and DNS servers. Several researchers have noted that the correlation of DNS queries with outgoing connections from the network can be utilized for the detection zero-day scanning worms and mass-mailing worms.
520 $a In this work, we implement an integrated system for the detection and mitigation of zero-day scanning and mass-mailing worms. The detection engine of our system utilizes the above mentioned DNS anomalies of the worm traffic. Once a worm is detected, the firewall rules are automatically updated in order to isolate the infected host. An automatic alert is also sent to the user of the infected host. The system can be configured such that the user response to this alert is used to undo the firewall updates and hence helps reduce the interruption of service resulting from false alarms.
590 $a School code: 0228.
650 4 $a Computer Science. $3 626642
650 4 $a Engineering, System Science. $3 1018128
690 $a 0790
690 $a 0984
710 2 $a Concordia University (Canada). $3 1018569
773 0 $t Masters Abstracts International $g 47-01.
790 $a 0228
791 $a M.A.Sc.
792 $a 2008
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=MR40903