A new generation for intelligent anti-internet worm early system detection

Worm requires host computer with an address on the Internet and any of several vulnerabilities to create a big threat environment.We propose intelligent early system detection mechanism for detecting internet worm.The mechanism is combined of three techniques: Failure Connection Detection (FCD) which concerns with detecting the internet worm and stealthy worm in which computer infected by the worm by using Artificial Immune System; and the Traffic Signature Detection (TSD) which responsible for detecting traffic signature for the worm; and the DNA Filtering Detection (DNAFD) which converts traffic signature to DNA signature and sending it to all computer that connected with the router to create a firewall for new worms.Our proposed algorithm can detect difficult stealthy internet worm in addition to detecting unknown internet worm

Intelligent failure connection algorithm for detecting internet worms

Morris worm showed the Internet community for the first time in 1988 that a worm could bring the Internet down in hours.Worm requires host computer with an address on the Internet and any of several vulnerabilities to create a big threat environment.We propose intelligent early system detection mechanism for detecting internet worm.The mechanism of our technique is concerned with detecting the internet worm and stealthy internet worm.The average of failure connections by using Artificial Immune System (AIS) is the main factor that our technique depends on in detecting the worm. In this paper, we show that our algorithm can detect new types of worms. This paper shows that intelligent Failure Connection Algorithm (IFCA) operation is faster than traditional algorithm in detecting worms

Intelligent DNA signature detection for internet worms

Internet scanning worms are widely regarded to be a major security threat faced by the Internet community today. Active worms spread in an automated fashion flooding the Internet in a very short time.Slammer worm infected more than 90% of vulnerable machines within 10 minutes on January 25th, 2003.Hence it is necessary to monitor and detect the worms as soon as they are introduced to minimize the damage caused by them.This project concentrates on developing an anti-scanning worm detection system that can automatically detect and control the spread of internet scanning worms without any manual intervention.The Intelligent Failure Connection Algorithm (IFCA) developed in this project can detect both stealth and normal worms within a short time.Experiments conducted as part of the evaluation shows that IFCA detects a worm within two scanning cycles of the worm.This is faster than any of the currently available algorithms or mechanisms reported in the literature.The IFCA uses Artificial Immune System (AIS) for the purpose of monitoring and detecting the worms.The Traffic Signature Algorithm (TSA) developed in the project captures the traffic signature of the worm from the infector when it sends the traffic to the victim.The Intelligent DNA Signature Detection Algorithm (IDNASDA) algorithm works by breaking an infection session into different infection phases, each phase containing a number of different traffic such as Internet Control Message Protocol (ICMP), Transmission Control Protocol (TCP), or User Datagram Protocol (UDP).Finally it converts the traffic signature to DNA signature.The tests carried out show that the IDNASD could detect DNA signature for MSBlaster worm

Preventing DDoS using Bloom Filter: A Survey

Distributed Denial-of-Service (DDoS) is a menace for service provider and prominent issue in network security. Defeating or defending the DDoS is a prime challenge. DDoS make a service unavailable for a certain time. This phenomenon harms the service providers, and hence, loss of business revenue. Therefore, DDoS is a grand challenge to defeat. There are numerous mechanism to defend DDoS, however, this paper surveys the deployment of Bloom Filter in defending a DDoS attack. The Bloom Filter is a probabilistic data structure for membership query that returns either true or false. Bloom Filter uses tiny memory to store information of large data. Therefore, packet information is stored in Bloom Filter to defend and defeat DDoS. This paper presents a survey on DDoS defending technique using Bloom Filter.Comment: 9 pages, 1 figure. This article is accepted for publication in EAI Endorsed Transactions on Scalable Information System