-
- Kawaguchi Nobutaka
- Faculty of Science and Technology, Keio University
-
- Shigeno Hiroshi
- Faculty of Science and Technology, Keio University
-
- Okada Ken-ichi
- Faculty of Science and Technology, Keio University
この論文をさがす
説明
In this paper, we propose d-ACTM/VT, a network-based worm detection method that effectively detects hit-list worms using distributed virtual AC tree detection. To detect a kind of hit-list worms named Silent worms in a distributed manner, d-ACTM was proposed. d-ACTM detects the existence of worms by detecting tree structures composed of infection connections as edges. Some undetected infection connections, however, can divide the tree structures into small trees and degrade the detection performance. To address this problem, d-ACTM/VT aggregates the divided trees as a tree named Virtual AC tree in a distributed manner and utilizes the tree size for detection. Simulation result shows d-ACTM/VT reduces the number of infected hosts before detection by 20% compared to d-ACTM.
収録刊行物
-
- IPSJ Digital Courier
-
IPSJ Digital Courier 4 79-90, 2008
一般社団法人 情報処理学会
- Tweet
詳細情報 詳細情報について
-
- CRID
- 1390282680198613888
-
- NII論文ID
- 130000022202
-
- ISSN
- 13497456
-
- 本文言語コード
- en
-
- データソース種別
-
- JaLC
- Crossref
- CiNii Articles
- OpenAIRE
-
- 抄録ライセンスフラグ
- 使用不可
