An automated signature generation method for zero-day polymorphic worms based on multilayer perceptron model
Polymorphic worms are considered as the most dangerous threats to the Internet security, and the danger lies in changing their payloads in every infection attempt to avoid the security systems. In this paper, we propose an accurate signature generation system for zero-day polymorphic worms. We have...
| Main Authors: | , , , |
|---|---|
| Format: | Proceeding Paper |
| Language: | English English English English |
| Published: |
2013
|
| Subjects: | |
| Online Access: | http://irep.iium.edu.my/33752/1/2_Sub_ACSAT_MohssenFinal_-_latest.pdf http://irep.iium.edu.my/33752/2/Gmail_-_ACSAT_2013_notification_for_paper_102.pdf http://irep.iium.edu.my/33752/3/ACSAT%2713_-_Schedule_V3.pdf http://irep.iium.edu.my/33752/11/33752.pdf |
| _version_ | 1796878436956897280 |
|---|---|
| author | Mohammed, Mohssen M. Z. E. Chan, H. Anthony Ventura , Neco Pathan, Al-Sakib Khan |
| author_facet | Mohammed, Mohssen M. Z. E. Chan, H. Anthony Ventura , Neco Pathan, Al-Sakib Khan |
| author_sort | Mohammed, Mohssen M. Z. E. |
| collection | IIUM |
| description | Polymorphic worms are considered as the most dangerous threats to the Internet security, and the danger lies in changing their payloads in every infection attempt to avoid the security systems. In this paper, we propose an accurate signature generation system for zero-day polymorphic worms. We have designed a novel Double-honeynet system, which is able to detect zero-day polymorphic worms that have not been seen before. To generate signatures for polymorphic worms we have two steps. The first step is the polymorphic worms sample collection which is done by the Double-honeynet system. The second step is the signature generation for the collected samples which is done by k-means clustering algorithm and a Multilayer Perceptron Model. The system collects different types of polymorphic worms; we used the k-means clustering algorithm to separate each type into a cluster. The Multilayer Perceptron Model is used to generate signatures for each cluster. The main goal for this system is to reduce the false positives and false negatives. |
| first_indexed | 2024-03-05T23:21:28Z |
| format | Proceeding Paper |
| id | oai:generic.eprints.org:33752 |
| institution | International Islamic University Malaysia |
| language | English English English English |
| last_indexed | 2024-03-05T23:21:28Z |
| publishDate | 2013 |
| record_format | dspace |
| spelling | oai:generic.eprints.org:337522015-02-20T09:20:47Z http://irep.iium.edu.my/33752/ An automated signature generation method for zero-day polymorphic worms based on multilayer perceptron model Mohammed, Mohssen M. Z. E. Chan, H. Anthony Ventura , Neco Pathan, Al-Sakib Khan QA75 Electronic computers. Computer science Polymorphic worms are considered as the most dangerous threats to the Internet security, and the danger lies in changing their payloads in every infection attempt to avoid the security systems. In this paper, we propose an accurate signature generation system for zero-day polymorphic worms. We have designed a novel Double-honeynet system, which is able to detect zero-day polymorphic worms that have not been seen before. To generate signatures for polymorphic worms we have two steps. The first step is the polymorphic worms sample collection which is done by the Double-honeynet system. The second step is the signature generation for the collected samples which is done by k-means clustering algorithm and a Multilayer Perceptron Model. The system collects different types of polymorphic worms; we used the k-means clustering algorithm to separate each type into a cluster. The Multilayer Perceptron Model is used to generate signatures for each cluster. The main goal for this system is to reduce the false positives and false negatives. 2013 Proceeding Paper PeerReviewed application/pdf en http://irep.iium.edu.my/33752/1/2_Sub_ACSAT_MohssenFinal_-_latest.pdf application/pdf en http://irep.iium.edu.my/33752/2/Gmail_-_ACSAT_2013_notification_for_paper_102.pdf application/pdf en http://irep.iium.edu.my/33752/3/ACSAT%2713_-_Schedule_V3.pdf application/pdf en http://irep.iium.edu.my/33752/11/33752.pdf Mohammed, Mohssen M. Z. E. and Chan, H. Anthony and Ventura , Neco and Pathan, Al-Sakib Khan (2013) An automated signature generation method for zero-day polymorphic worms based on multilayer perceptron model. In: 2nd International Conference on Advanced Computer Science Applications and Technologies (ACSAT2013), 22-24 December 2013, Kuching, Sarawak, Malaysia. http://dsr-conferences.com/acsat/index.php |
| spellingShingle | QA75 Electronic computers. Computer science Mohammed, Mohssen M. Z. E. Chan, H. Anthony Ventura , Neco Pathan, Al-Sakib Khan An automated signature generation method for zero-day polymorphic worms based on multilayer perceptron model |
| title | An automated signature generation method for zero-day polymorphic worms based on multilayer perceptron model |
| title_full | An automated signature generation method for zero-day polymorphic worms based on multilayer perceptron model |
| title_fullStr | An automated signature generation method for zero-day polymorphic worms based on multilayer perceptron model |
| title_full_unstemmed | An automated signature generation method for zero-day polymorphic worms based on multilayer perceptron model |
| title_short | An automated signature generation method for zero-day polymorphic worms based on multilayer perceptron model |
| title_sort | automated signature generation method for zero day polymorphic worms based on multilayer perceptron model |
| topic | QA75 Electronic computers. Computer science |
| url | http://irep.iium.edu.my/33752/1/2_Sub_ACSAT_MohssenFinal_-_latest.pdf http://irep.iium.edu.my/33752/2/Gmail_-_ACSAT_2013_notification_for_paper_102.pdf http://irep.iium.edu.my/33752/3/ACSAT%2713_-_Schedule_V3.pdf http://irep.iium.edu.my/33752/11/33752.pdf |
| work_keys_str_mv | AT mohammedmohssenmze anautomatedsignaturegenerationmethodforzerodaypolymorphicwormsbasedonmultilayerperceptronmodel AT chanhanthony anautomatedsignaturegenerationmethodforzerodaypolymorphicwormsbasedonmultilayerperceptronmodel AT venturaneco anautomatedsignaturegenerationmethodforzerodaypolymorphicwormsbasedonmultilayerperceptronmodel AT pathanalsakibkhan anautomatedsignaturegenerationmethodforzerodaypolymorphicwormsbasedonmultilayerperceptronmodel AT mohammedmohssenmze automatedsignaturegenerationmethodforzerodaypolymorphicwormsbasedonmultilayerperceptronmodel AT chanhanthony automatedsignaturegenerationmethodforzerodaypolymorphicwormsbasedonmultilayerperceptronmodel AT venturaneco automatedsignaturegenerationmethodforzerodaypolymorphicwormsbasedonmultilayerperceptronmodel AT pathanalsakibkhan automatedsignaturegenerationmethodforzerodaypolymorphicwormsbasedonmultilayerperceptronmodel |