Internet-worms are a major threat to the security of today¡¦s Internet and cause significant worldwide disruptions, a huge number of infected hosts generating overwhelming traffic will impact the performance of the Internet. Network managers have the duty to mitigate this issue . In this paper we propose an automated method for detecting Internet-worm in large network based on NetFlow. We also implement a prototype system ¡V FloWorM which can help network managers to monitor suspect Internet-worms activities and identify their species in their managed networks. Our evaluation of the prototype system on real large and campus networks validates that it achieves pretty low false positive rate and good detecting rate.
Identifer | oai:union.ndltd.org:NSYSU/oai:NSYSU:etd-0904105-170131 |
Date | 04 September 2005 |
Creators | Wang, Kuang-Ming |
Contributors | Chung-Nan Lee, Mon-Yen Luo, Yau-Hwang Kuo, Pau-Choo Chung, Chu-Sing Yang |
Publisher | NSYSU |
Source Sets | NSYSU Electronic Thesis and Dissertation Archive |
Language | Cholon |
Detected Language | English |
Type | text |
Format | application/pdf |
Source | http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0904105-170131 |
Rights | off_campus_withheld, Copyright information available at source archive |
Page generated in 0.0023 seconds