Detection algorithm for internet worms scanning that used user datagram protocol
作者: Mohammad M. Rasheed Norita Md Norwawi Osman Ghazali Munadil K. Faaeq
刊名: Int. J. of Information and Computer Security, 2019, Vol.11 (1), pp.17-32
来源数据库: Inderscience Enterprises Limited
DOI: 10.1504/IJICS.2019.096847
关键词: Internet worm detectionBehavioural wormUDP scanning.
原始语种摘要: The main purpose of intrusion detection system (IDS) is to find out intrusions among normal audit data and this can be considered as a classification problem. This problem is brought about by the user datagram protocol (UDP) which is a connectionless protocol that means it does not require a formal handshake to get the data flowing and has no need for SYNs, ACKs, FINs flags, or any other handshaking. Worms also make use of UDP protocol to connect or scan with other hosts. In this research, UDP scanning worm detection (UDPSWD) was proposed to detect UDP worm scanning by checking the failure message connections. UDPSWD focuses on the internet control message protocol (ICMP) unreachable, ICMP time exceeded and UDP is not responded to. The results show that UDPSWD is faster in comparison to...
全文获取路径: Inderscience 出版公司 

  • scanning 扫描
  • internet 互联网络
  • worms 蠕虫动物
  • datagram 数据报
  • protocol 日态
  • connectionless 无连接
  • intrusion 侵入
  • UDP User Datagram Protocol
  • algorithm 算法
  • message 报文