Subscribe Now Subscribe Today
Science Alert
 
Blue
   
Curve Top
Journal of Applied Sciences
  Year: 2012 | Volume: 12 | Issue: 20 | Page No.: 2156-2163
DOI: 10.3923/jas.2012.2156.2163
 
Facebook Twitter Digg Reddit Linkedin StumbleUpon E-mail

Fast Detection of Stealth and Slow Scanning Worms in Transmission Control Protocol
Mohammad M. Rasheed, Osman Ghazali and Rahmat Budiarto

Abstract: Anti-virus systems and most current intrusion-detection systems are signature based technology. The problem in signature-based technology is that they can only detect a known worm with identified signatures that have been produced recently. The detection system must therefore be able to handle known and likewise, unknown threats but the false alarm is high false alarms when used anomaly detection system to detect unknown worms. This study developed a new technique that depended on the anomaly detection system to detect the stealth scanning worm by two sub techniques. The first sub technique is considered new failure connection messages that generated by stealth scanning worm and second sub technique is included multi threshold by considered the speed of worm spread for generated the threshold. The result of this study showed the proposed technique capable of detecting the stealth and slow scanning of Internet worm and faster than other methods without any false-positive warning, besides reduced the false-negative warning.
PDF Fulltext XML References Citation Report Citation
 RELATED ARTICLES:
  •    A Distributed Framework with less False Positive Ratio Against Distributed Denial of Service Attack
  •    A K-Means and Naive Bayes Learning Approach for Better Intrusion Detection
  •    Protecting Windows Registry Directory and Hence Increasing the Security Level of the Windows Operating System
  •    The Design of Firewall in Mobile Phone Based on Cross-Layer Collaboration
How to cite this article:

Mohammad M. Rasheed, Osman Ghazali and Rahmat Budiarto, 2012. Fast Detection of Stealth and Slow Scanning Worms in Transmission Control Protocol. Journal of Applied Sciences, 12: 2156-2163.

DOI: 10.3923/jas.2012.2156.2163

URL: https://scialert.net/abstract/?doi=jas.2012.2156.2163
COMMENT ON THIS PAPER
 
 
 

 
  Bullet Navigation
 
  Page Icon Online First
  Page Icon Current Issue
  Page Icon Previous Issues
  Page Icon Editorial Board
  Page Icon Submit a Manuscript
  Page Icon Guide to Authors
  Page Icon Subscribe to E-alerts

  Bullet Indexed In
 
  Page Icon AGRIS
  Page Icon ASCI-Database
  Page Icon Asian Digital Library
  Page Icon Chemical Abstract Services
  Page Icon Google Scholar

Science Alert
Curve Bottom