Detection algorithm for internet worms scanning that used user datagram protocol

Mohammad M. Rasheed; Norita Md Norwawi; Osman Ghazali; Munadil K. Faaeq

首页> 外文期刊>International journal of information and computer security >Detection algorithm for internet worms scanning that used user datagram protocol

【24h】

Detection algorithm for internet worms scanning that used user datagram protocol

机译：使用用户数据报协议的互联网蠕虫扫描检测算法

获取原文

获取原文并翻译 | 示例

获取外文期刊封面封底 >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

The main purpose of intrusion detection system (IDS) is to find out intrusions among normal audit data and this can be considered as a classification problem. This problem is brought about by the user datagram protocol (UDP) which is a connectionless protocol that means it does not require a formal handshake to get the data flowing and has no need for SYNs, ACKs, FINs flags, or any other handshaking. Worms also make use of UDP protocol to connect or scan with other hosts. In this research, UDP scanning worm detection (UDPSWD) was proposed to detect UDP worm scanning by checking the failure message connections. UDPSWD focuses on the internet control message protocol (ICMP) unreachable, ICMP time exceeded and UDP is not responded to. The results show that UDPSWD is faster in comparison to other techniques, with no false positive or negative alarm.

机译：入侵检测系统（IDS）的主要目的是找出正常审核数据中的入侵，这可以视为分类问题。此问题是由用户数据报协议（UDP）引起的，该协议是一种无连接协议，这意味着它无需进行正式握手即可使数据流动，并且不需要SYN，ACK，FIN标志或任何其他握手。蠕虫还利用UDP协议来连接或扫描其他主机。在这项研究中，提出了UDP扫描蠕虫检测（UDPSWD）来通过检查失败消息连接来检测UDP蠕虫扫描。 UDPSWD专注于Internet控制消息协议（ICMP）无法访问，ICMP时间超出以及UDP不响应的问题。结果表明，与其他技术相比，UDPSWD更快，没有误报或误报。

著录项

来源
《International journal of information and computer security》 |2019年第1期|17-32|共16页
作者
Mohammad M. Rasheed; Norita Md Norwawi; Osman Ghazali; Munadil K. Faaeq;
展开▼
作者单位

College of Engineering, University of Information Technology and Communications, Ministry of Higher Education and Scientific Research, Baghdad, Iraq;

Islamic Science Institute, Universiti Sains Islam Malaysia;

InterNetworks Research Laboratory, School of Computing, Universiti Utara Malaysia;

School of Business Management, Universiti Utara Malaysia;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
internet worm detection; behavioural worm; UDP scanning;

机译：互联网蠕虫检测;行为蠕虫;UDP扫描;

相似文献

外文文献
中文文献
专利

1. BEHAVIOURAL DETECTION FOR INTERNET SCANNING WORM ATTACK [J] . Mohammad M. Rasheed Computer Sciences and Telecommunications . 2015,第2期

机译：互联网扫描蠕虫攻击的行为检测
2. Intelligent Signature Detection for Scanning Internet Worms [J] . Mohammad M. Rasheed, Osman Ghazali, Norita Md Norwawi Information Technology Journal . 2012,第7期

机译：扫描互联网蠕虫的智能签名检测
3. Intelligent Signature Detection for Scanning Internet Worms [J] . Mohammad M. Rasheed, Osman Ghazali, Norita Md Norwawi Information Technology Journal . 2012,第7期

机译：扫描互联网蠕虫的智能签名检测
4. Intelligent Perpetual Echo Attack Detection on User Datagram Protocol Port 7 Using Ant Colony Optimization [C] . Gupta Abhishek, Pandey Om Jee, Shukla Mahendra, 2014 International Conference on Electronic Systems, Signal Processing, and Computing Technologies . 2014

机译：使用蚁群优化对用户数据报协议端口7进行智能永久回声攻击检测
5. Runtime detection of active scanning worms. [D] . Preston, Andrew. 2008

机译：活动扫描蠕虫的运行时检测。
6. Optimisation of CT protocols in PET-CT across different scanner models using different automatic exposure control methods and iterative reconstruction algorithms [O] . Sarah-May Gould, Jane Mackewn, Sugama Chicklore, 2021

机译：不同自动曝光控制方法和迭代重建算法不同扫描仪模型中PET-CT中CT协议的优化
7. Fast Detection of Stealth and Slow Scanning Worms in Transmission Control Protocol [O] . Mohammad M. Rasheed, Osman Ghazali, Rahmat Budiarto 2012

机译：传输控制协议中的隐形和慢速扫描蠕虫的快速检测
8. High-Bandwidth Tactical-Network Data Analysis in a High-Performance-Computing (HPC) Environment: Transport Protocol (Transmission Control Protocol/User Datagram Protocol [TCP/UDP]) Analysis. [R] . Renard, K. D., Adametz, J. R. 2015

机译：高性能计算（HpC）环境中的高带宽战术网络数据分析：传输协议（传输控制协议/用户数据报协议[TCp / UDp]）分析。

Detection algorithm for internet worms scanning that used user datagram protocol

摘要

著录项

相似文献

相关主题

期刊订阅