Cyber Weather Forecasting: Forecasting Unknown Internet Worms Using Randomness Analysis

Abstract: Since early responses are crucial to reducing the damage from unknown Internet attacks, the first consideration when developing a defense mechanism can be time efficiency and observing (and predicting) changes in network status, even at the sacrifice of accuracy. In the security field today, there is a strong need for a new mechanism to predict unknown future Internet attacks. This motivates us to study the forecasting of future Internet attacks, which is referred to as CWF (Cyber Weather Forecasting). In this paper, in order to show that the principle of CWF can be realized in the real world, we propose a forecasting mechanism called FORE (FOrecasting using REgression analysis) based on real-time analysis of the randomness in network traffic. FORE responds to unknown worms 1.8 times faster than the early detection mechanism named ADUR (Anomaly Detection Using Randomness check), which can detect a worm when only one percent of the total number of vulnerable hosts are infected. Furthermore, FORE can give us timely information about how the current network situation is changing. Evaluation results demonstrate the prediction efficiency of the proposed mechanism, including the ability to predict worm behaviors starting from 0.03 percent infection. To the best of our knowledge, this is the first study to achieve the prediction of future Internet attacks.
Document type: Conference paper
Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.376-387, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_31〉

Cited literature: 18 references

https://hal.inria.fr/hal-01518242
Contributor: Hal Ifip
Submitted on: Thursday, May 4, 2017 - 13:45:34
Last modified on: Thursday, May 4, 2017 - 14:53:53
Document(s) archived on: Saturday, August 5, 2017 - 13:14:44

File

978-3-642-30436-1_31_Chapter.p...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Hyundo Park, Sung-Oh Jung, Heejo Lee, Hoh In. Cyber Weather Forecasting: Forecasting Unknown Internet Worms Using Randomness Analysis. Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.376-387, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_31〉. 〈hal-01518242〉

Metrics

Record views: 95

File downloads: 24