Detecting Zero-day Polymorphic Worms with Jaccard Similarity Algorithm

Authors

  • Malak Abdullah I. Almarshad
  • Mohssen M. Z. E. Mohammed
  • Al-Sakib Khan Pathan, Southeast University, Bangladesh

DOI:

https://doi.org/10.17762/ijcnis.v8i3.2128

Abstract

Zero-day polymorphic worms pose a serious threat to the security of mobile systems and Internet infrastructure. In many cases, it is difficult to detect worm attacks at an early stage. There is typically little or no time to develop a well-constructed solution during such a worm outbreak. This is because the worms act only to spread from node to node and they bring security concerns to everyone using the Internet via any static or mobile node. No system is safe from an aggressive worm crisis. However, many of the characteristics of a worm can be used to defeat it, including its predictable behavior and shared signatures. In this paper, we propose an efficient signature generation method based on string similarity algorithms to generate signatures for zero-day polymorphic worms. Then, these signatures are practically applied to an Intrusion Detection System (IDS) to protect the network from such attacks. The experimental results show the efficiency of the proposed approach compared to other existing mechanisms.

Author Biography

Al-Sakib Khan Pathan, Southeast University, Bangladesh

Al-Sakib Khan Pathan received a Ph.D. degree (MS leading to Ph.D.) in Computer Engineering in 2009 from Kyung Hee University, South Korea. He received a B.Sc. degree in Computer Science and Information Technology from Islamic University of Technology (IUT), Bangladesh in 2003. He is currently an Associate Professor at the Computer Science and Engineering department, Southeast University, Bangladesh. From August 2010 to July 2015, he served as an Assistant Professor at the Computer Science department at IIUM, Malaysia. Before that, until June 2010, he was an Assistant Professor at the Computer Science and Engineering department, BRAC University, Bangladesh, and also worked as a Researcher at the Networking Lab, Kyung Hee University, South Korea from September 2005 to August 2009. His research interests include wireless sensor networks, network security, and e-services technologies. Currently he is also working on some multidisciplinary issues. He is a recipient of several awards/best paper awards and has many publications in these areas. He has served as a Chair, Organizing Committee Member, and Technical Program Committee (TPC) member in numerous international conferences/workshops like INFOCOM, GLOBECOM, ICC, LCN, GreenCom, AINA, WCNC, HPCS, ICA3PP, IWCMC, VTC, HPCC, etc. He was awarded the IEEE Outstanding Leadership Award and Certificate of Appreciation for his role in the IEEE GreenCom’13 conference.
He is currently serving in various editorial positions, such as Deputy Editor-in-Chief of International Journal of Computers and Applications, Taylor & Francis, Associate Technical Editor of IEEE Communications Magazine, Editor of Ad Hoc and Sensor Wireless Networks, Old City Publishing, and International Journal of Sensor Networks, Inderscience Publishers, Associate Editor of International Journal of Computational Science and Engineering, Inderscience, Area Editor of International Journal of Communication Networks and Information Security, Guest Editor of many special issues of top-ranked journals, and Editor/Author of 15 published books. One of his books has been included twice in Intel Corporation’s Recommended Reading List for Developers, 2nd half 2013 and 1st half of 2014; 3 books were included in IEEE Communications Society’s (IEEE ComSoc) Best Readings in Communications and Information Systems Security, 2013; 2 other books were indexed with all the titles (chapters) in Elsevier’s acclaimed abstract and citation database, Scopus, in February 2015; and a seventh book has been translated into simplified Chinese from the English version. Also, 2 of his journal papers and 1 conference paper were included under different categories in IEEE Communications Society's (IEEE ComSoc) Best Readings Topics on Communications and Information Systems Security, 2013. He also serves as a referee for many prestigious journals. He has received awards for his reviewing activities, such as: one of the most active reviewers of IAJIT three times, in 2012, 2014, and 2015; Outstanding Reviewer of Elsevier Computer Networks (July 2015) and Elsevier JNCA (November 2015), just to mention a few. As part of his academic duties, he has so far supervised 2 PhD students to completion. He is a Senior Member of the Institute of Electrical and Electronics Engineers (IEEE), USA and several IEEE technical committees.

Published

2016-12-03 — Updated on 2022-04-17

How to Cite

Almarshad, M. A. I., Mohammed, M. M. Z. E., & Pathan, A.-S. K. (2022). Detecting Zero-day Polymorphic Worms with Jaccard Similarity Algorithm. International Journal of Communication Networks and Information Security (IJCNIS), 8(3). https://doi.org/10.17762/ijcnis.v8i3.2128 (Original work published December 3, 2016)

Section

Research Articles