Early Worm Detection for Minimizing Damage in E-Service Networks

Early Worm Detection for Minimizing Damage in E-Service Networks

Tarek Sobh, Heba Z. El-Fiqi
ISBN13: 9781615207893|ISBN10: 1615207899|EISBN13: 9781615207909
DOI: 10.4018/978-1-61520-789-3.ch027
Cite Chapter Cite Chapter

MLA

Sobh, Tarek, and Heba Z. El-Fiqi. "Early Worm Detection for Minimizing Damage in E-Service Networks." Handbook of Research on E-Services in the Public Sector: E-Government Strategies and Advancements, edited by Abid Thyab Al Ajeeli and Yousif A. Latif Al-Bastaki, IGI Global, 2011, pp. 336-358. https://doi.org/10.4018/978-1-61520-789-3.ch027

APA

Sobh, T. & El-Fiqi, H. Z. (2011). Early Worm Detection for Minimizing Damage in E-Service Networks. In A. Al Ajeeli & Y. Al-Bastaki (Eds.), Handbook of Research on E-Services in the Public Sector: E-Government Strategies and Advancements (pp. 336-358). IGI Global. https://doi.org/10.4018/978-1-61520-789-3.ch027

Chicago

Sobh, Tarek, and Heba Z. El-Fiqi. "Early Worm Detection for Minimizing Damage in E-Service Networks." In Handbook of Research on E-Services in the Public Sector: E-Government Strategies and Advancements, edited by Abid Thyab Al Ajeeli and Yousif A. Latif Al-Bastaki, 336-358. Hershey, PA: IGI Global, 2011. https://doi.org/10.4018/978-1-61520-789-3.ch027

Export Reference

Mendeley
Favorite

Abstract

One of the most powerful weapons for attackers is the Internet worm. Specifically, a worm attacks vulnerable computer systems and employs self-propagating methods to flood the Internet rapidly. Since a “Worm” is self-propagated through the connected network, it doesn’t need human interaction or file transmission to replicate itself. It spreads in minutes; Slammer worms infect about 75,000 nodes through the internet in about 10 minutes. Since most of antivirus programs detect viruses based on their signature, then this approach can’t detect new viruses or worms till being updated with their signature, which can’t be known unless some systems had already been infected. This highlights worms are still on the top of malware threats attacking computer systems, although the evolution of worms detection techniques. Early detection of unknown worms is still a problem. This chapter produce a method for detecting unknown worms based on local victim information. The proposed system uses Artificial Neural Network (ANN) for classifying worm/ nonworm traffic and predicting the percentage of infection in the infected network. This prediction can be used to support decision making processes for network administrators to respond quickly to worm propagation in an accurate procedure.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.