Abstract
This paper tries to propose the worm virus detection system that focuses on many connection attempts, more frequently occurring in the process of scanning than their common transmission processes. And this paper tries to determine the critical value of connection attempt by using the ordinary time network traffic learning technique which applies the genetic algorithm in order to ensure accurate detection of virus, depending on the status of network. This system can reduce the damage from worm virus more quickly than the pattern-founded worm virus detection system because it applies the common characteristics of worm viruses to detect them, and the criteria for judgment can be altered in its application though the network may change.
This work was supported by grant No. R01-2004-000-10618-0 from the Basic Research Program of the Korea Science and Engineering Foundation.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Kienzle, D.M., Elder, M.C.: Recent worms: a survey and trends. In: Proceedings of the 2003 ACM workshop on Rapid Malcode (2003)
Hung, J.C., Lin, K.-C., Chang, A.Y., Lin, N.H., Lin, L.H.: A bahavior-based anti-worm system. In: Proceedings on AINA 2003, China (2003)
Plummer, D.C.: An ethernet address resolution protocol. RFC 826 (1982)
Berk, V., Bakos, G.: Designing a framework for active worm detection on global networks. In: Proceedings of the First IEEE International Workshop on Information Assurance (2003)
Wagner, D., Dean, R.: Intrusion detection via static analysis. In: Proceedings of 2001 IEEE Symposium on Security and Privacy (2001)
Koo, J., Ahn, S., Chung, J.: Network blocking algorithm and architecture for network resource and security management. In: Proceedings of International Scientific-Practical Conference. Problems of Operation of Information Networks (2004)
Choi, W., Kim, H., Ahn, S., Chung, J.: A network access control system using on address spoofing and VLAN filtering. In: The 4th Asia Pacific International Symposium on Information Technology (2005)
Kwon, K., Ahn, S., Chung, J.: Network security management using ARP spoofing. In: Proceedings of ICCSA 2004 (2004)
Goldberg, D.E.: Genegic Algorithm in Search, Optimization, and Machine Learnig. Addison-Wesley publishing company, Inc., Reading (1989)
Dasgupta, D., Gonzalez, F.A.: An intelligent decision support system for intrusion detection and response. In: Proceedings of International Workshop on Mathematical Methods, Models and Architecture for Computer Networks Security, May 2001, pp. 1–14 (2001)
Crosbie, M., Spafford, G.: Applying genetic programmings of to intrusion detection. In: Proceedings of AAAI Symposium on Genetic Programming, November 1995, pp. 1–8 (1995)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lim, D., Chung, J., Ahn, S. (2006). Using Genetic Algorithm for Network Status Learning and Worm Virus Detection Scheme. In: Corchado, E., Yin, H., Botti, V., Fyfe, C. (eds) Intelligent Data Engineering and Automated Learning – IDEAL 2006. IDEAL 2006. Lecture Notes in Computer Science, vol 4224. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11875581_54
Download citation
DOI: https://doi.org/10.1007/11875581_54
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-45485-4
Online ISBN: 978-3-540-45487-8
eBook Packages: Computer ScienceComputer Science (R0)