Document Details

Document Type : Article In Journal 
Document Title : Detecting Internet Worms Using Data Mining Techniques
 
Subject : Data mining, malware detection 
Document Language : Arabic 
Abstract : Internet worms pose a serious threat to computer security. Traditional approaches using signatures to detect worms pose little danger to the zero day attacks. The focus of malware research is shifting from using signature patterns to identifying the malicious behavior displayed by the malwares. This paper presents a novel idea of extracting variable length instruction sequences that can identify worms from clean programs using data mining techniques. The analysis is facilitated by the program control flow information contained in the instruction sequences. Based upon general statistics gathered from these instruction sequences we formulated the problem as a binary classification problem and built tree based classifiers including decision tree, bagging and random forest. Our approach showed 95.6% detection rate on novel worms whose data was not used in the model building process. 
ISSN : 1690-4524 
Journal Name : Journal of Systemics, Cybernetics and Informatics 
Volume : 6 
Issue Number : 6 
Publishing Year : 1430 AH / 2009 AD
 
Article Type : Article 
Added Date : Wednesday, February 16, 2011 

Researchers

Researcher Name (Arabic) | Researcher Name (English) | Researcher Type | Dr Grade | Email
معظم صديقي | Siddiqui, Muazzam | Researcher | Doctorate | maasiddiqui@kau.edu.sa

Files

File Name | Type | Description
29003.docx | docx |
