Return to search

A NetFlow Based Internet-worm Detecting System in Large Network

Internet-worms are a major threat to the security of today¡¦s Internet and cause significant worldwide disruptions, a huge number of infected hosts generating overwhelming traffic will impact the performance of the Internet. Network managers have the duty to mitigate this issue . In this paper we propose an automated method for detecting Internet-worm in large network based on NetFlow. We also implement a prototype system ¡V FloWorM which can help network managers to monitor suspect Internet-worms activities and identify their species in their managed networks. Our evaluation of the prototype system on real large and campus networks validates that it achieves pretty low false positive rate and good detecting rate.

Identiferoai:union.ndltd.org:NSYSU/oai:NSYSU:etd-0904105-170131
Date04 September 2005
CreatorsWang, Kuang-Ming
ContributorsChung-Nan Lee, Mon-Yen Luo, Yau-Hwang Kuo, Pau-Choo Chung, Chu-Sing Yang
PublisherNSYSU
Source SetsNSYSU Electronic Thesis and Dissertation Archive
LanguageCholon
Detected LanguageEnglish
Typetext
Formatapplication/pdf
Sourcehttp://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0904105-170131
Rightsoff_campus_withheld, Copyright information available at source archive

Page generated in 0.0023 seconds