A study of the worm detection method using self-replication 


Vol. 34,  No. 6, pp. 169-178, Jun.  2009


PDF
  Abstract

In this paper, we studied about detection technique by self-replication nature of Polymorphic worm to real time cope with Zero-Day attack such as worm variant and Polymorphic Worm, and unknown attack of worm those happen before security patch or signature is created. Also we designed and implemented worm detection system that use SSDT(System Service Dispatch Table). The implemented system is consist of virtual device driver that monitor system calls by access to SSDT in kernel mode and analyze system that store and analyze the monitored data. We analyzed the monitored data considering GSR(Gene of Self Replication) structure and simulate the worm detection system whether worm is detected or not.

  Statistics
Cumulative Counts from November, 2022
Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.


  Cite this article

[IEEE Style]

Y. Hwang, D. Park, S. Yoo, H. Yim, J. Jang, J. Oh, "A study of the worm detection method using self-replication," The Journal of Korean Institute of Communications and Information Sciences, vol. 34, no. 6, pp. 169-178, 2009. DOI: .

[ACM Style]

Yu-dong Hwang, Dong-Gue Park, Seung-Yeop Yoo, Hwang-Bin Yim, Jong-Soo Jang, and Jin-Tae Oh. 2009. A study of the worm detection method using self-replication. The Journal of Korean Institute of Communications and Information Sciences, 34, 6, (2009), 169-178. DOI: .

[KICS Style]

Yu-dong Hwang, Dong-Gue Park, Seung-Yeop Yoo, Hwang-Bin Yim, Jong-Soo Jang, Jin-Tae Oh, "A study of the worm detection method using self-replication," The Journal of Korean Institute of Communications and Information Sciences, vol. 34, no. 6, pp. 169-178, 6. 2009.

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)






pISSN : 1226 - 4717
eISSN : 2287 - 3880