@article {10.3844/jcssp.2011.1724.1728,
article_type = {journal},
title = {Behaviour Based Worm Detection and Signature Automation},
author = {Anbar, Mohammed and Manickam, Selvakumar and Hosam, Al-Samarraie and Chai, Kok-Soon and Baklizi, Mohmoud and Almomani, Ammar},
volume = {7},
number = {11},
year = {2011},
month = {Sep},
pages = {1724-1728},
doi = {10.3844/jcssp.2011.1724.1728},
url = {https://thescipub.com/abstract/jcssp.2011.1724.1728},
abstract = {Problem statement: A worm is a malicious piece of code that self-propagates, often via network connections, to exploit security flaws in computers connected through the network. In general, worms do not need any human intervention to propagate and are considered a real threat to network assets and the properties of organizations. An Intrusion Detection Systems (IDSs) are employed to detect the presence of the worms in the network. Approach: This study proposed a new behaviourbased worm detection and signature automation approach that consists of scanning characteristics to find vulnerable hosts and indicate the correlation between an infected host and potential destination hosts. Results: This approach can be distinguish between network scanning (random and sequential TCP and UDP worm scanning) triggered by infected and non-infected hosts. In addition, the ability to detect the worms based on its behaviours. Conclusion: Identifying network worms at an early stage can increase the protection of network services and vulnerable hosts.},
journal = {Journal of Computer Science},
publisher = {Science Publications}
}