Detecting Zero-day Polymorphic Worms with Jaccard Similarity Algorithm
DOI:
https://doi.org/10.17762/ijcnis.v8i3.2128
Abstract
Zero-day polymorphic worms pose a serious threat to the security of mobile systems and Internet infrastructure. In many cases, it is difficult to detect worm attacks at an early stage. There is typically little or no time to develop a well-constructed solution during such a worm outbreak. This is because the worms act only to spread from node to node, and they bring security concerns to everyone using the Internet via any static or mobile node. No system is safe from an aggressive worm crisis. However, many of the characteristics of a worm can be used to defeat it, including its predictable behavior and shared signatures. In this paper, we propose an efficient signature generation method based on string similarity algorithms to generate signatures for zero-day polymorphic worms. Then, these signatures are practically applied to an Intrusion Detection System (IDS) to protect the network from such attacks. The experimental results show the efficiency of the proposed approach compared to other existing mechanisms.
Published
2016-12-03 — Updated on 2022-04-17
Versions
- 2022-04-17 (2)
- 2016-12-03 (1)
How to Cite
Almarshad, M. A. I., Mohammed, M. M. Z. E., & Pathan, A.-S. K. (2022). Detecting Zero-day Polymorphic Worms with Jaccard Similarity Algorithm. International Journal of Communication Networks and Information Security (IJCNIS), 8(3). https://doi.org/10.17762/ijcnis.v8i3.2128 (Original work published December 3, 2016)
Issue
Section
Research Articles