Detecting Computer Worms in the Cloud - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2012

Detecting Computer Worms in the Cloud

Résumé

Computer worms are very active and new sophisticated versions continuously appear. Signature-based detection methods work with a low false-positive rate, but previously knowledge about the threat is needed. Anomaly-based intrusion detection methods are able to detect new and unknown threats, but meaningful information for correct results is necessary. We propose an anomaly-based intrusion detection mechanism for the cloud which directly profits from the virtualization technologies in general. Our proposed anomaly detection system is isolated from spreading computer worm infections and it is able to detect unknown and new appearing computer worms. Using our approach, a spreading computer worm can be detected on the spreading behavior itself without accessing or directly influencing running virtual machines of the cloud.
Fichier principal
Vignette du fichier
978-3-642-27585-2_4_Chapter.pdf (745.29 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-01481505 , version 1 (02-03-2017)

Licence

Paternité

Identifiants

Citer

Sebastian Biedermann, Stefan Katzenbeisser. Detecting Computer Worms in the Cloud. International Workshop on Open Problems in Network Security (iNetSec), Jun 2011, Lucerne, Switzerland. pp.43-54, ⟨10.1007/978-3-642-27585-2_4⟩. ⟨hal-01481505⟩
639 Consultations
111 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More