White Papers

Detection of Slow Malicious Worms Using Multi-Sensor Data Fusion

Tags: data

Overview Detection of slow worms is particularly challenging due to the stealthy nature of their propagation techniques and their ability to blend with normal traffic patterns. This paper, proposes a distributed detection approach based on the Generalized Evidence Processing (GEP) theory, a sensor integration and data fusion technique. With GEP theory, evidence collected by distributed detectors determines the probability associated with a detection decision under a hypothesis. The collected evidence is combined to arrive at an optimal fused detection decision by minimizing a cumulative decision risk function. Typically, malicious traffic flows of varying scanning rates can occur in the wild, and the difficulty in detecting slow scanning worms in particular can be exacerbated by interference from other traffic flows scanning at faster rates.

By downloading you agree to our Terms and Conditions. These include information regarding use of your personal data.

Publisher: Carleton University
File Format: PDF
Date Published: Jun 20, 2009
Format: White Papers
Topics: Intrusion Detection Systems, Network Security

Similiar White Papers

Intrusion detection checklist: Six stages of handling attacks

Equipping your organization to deal with system intrusions requires a many-faceted approach. This checklist is designed

Publisher: TechRepublic | Tags: data, html

Secure your network with Snort intrusion prevention techniques

This sample chapter, taken from Sams' Intrusion Detection with Snort, discusses some advanced concepts in using S

Publisher: TechRepublic | Tags: applications, network

A Brief History of Network Security and the Need for Host Based Intrusion Detection

This paper describes the present state of information and network security with specific concentration on Host-based Int

Publisher: Tetrad Digital Integrity (TDI) | Tags: network, network security

A Neural Network Based System for Intrusion Detection and Classification of Attacks

With the rapid expansion of computer networks during the past decade, security has become a crucial issue for computer s

Publisher: Queen's University | Tags: network

Data Mining and Machine Learning - Towards Reducing False Positives in Intrusion Detection

Intrusion Detection Systems (IDSs) are used to monitor computer systems for signs of security violations. Having detecte

Publisher: IBM | Tags: data, data mining, false positives

Carleton University White Papers

Competition in the Canadian Mobile Wireless Telecommunications Industry

Featured white papers

The Value of Location Intelligence in the Communications Industry

Pitney Bowes

Public Services are under pressure, the challenge is to do more with less. How do you improve citizen satisfaction, increase cost efficiencies and improve service delivery? The power of location intelligence is helping many local authorities...

Download now »
Best Practices for Translating Customer Satisfaction into Revenue

Citrix Online

Today's support organisations are focused on two top-level metrics: financial results and customer satisfaction. For most, it's easy to track financial performance, but customer satisfaction is akin to speaking a foreign language...

Download now »
HP print solutions and 3M

Hewlett-Packard (HP)

The objective for 3M was to optimize office printing infrastructure at 3M locations worldwide, reduce total cost and environmental footprint. Some of the business benefits acheived by switching to HP print solutions...

Download now »