Scenario Based Worm Trace Pattern Identification Technique

Selamat, S. R. and Yusof, R. and Sahib, S. and Mas'ud, M. Z. and Roslan, I. and Abdollah, M. F. (2010) Scenario Based Worm Trace Pattern Identification Technique. (IJCSIS) International Journal of Computer Science and Information Security, 7 (1). pp. 1-9. ISSN 1947-5500

1002.1678.pdf - Published Version


Abstract

The number of malware variants is growing tremendously, and the study of malware attacks on the Internet is still a demanding research domain. In this research, various logs from different OSI layers are explored to identify the traces left on the attacker and victim logs, and the attack worm trace patterns are established in order to reveal the true attacker or victim. This paper concentrates only on cybercrime caused by malware network intrusion and uses a traditional worm, namely Blaster worm variants. This research creates the concept of trace pattern by fusing the attacker’s and victim’s perspectives. Therefore, the objective of this paper is to propose attacker’s, victim’s and multi-step (attacker/victim)’s trace patterns by combining both perspectives. These three proposed worm trace patterns can be extended into research areas in alert correlation and computer forensic investigation.

Item Type: Article
Uncontrolled Keywords: trace pattern, attack pattern, log
Subjects: Q Science > Q Science (General)
Divisions: Faculty of Information and Communication Technology > Department of System and Computer Communication
Depositing User: Dr. Robiah Yusof
Date Deposited: 05 Aug 2011 08:10
Last Modified: 19 Sep 2021 17:48
URI: http://eprints.utem.edu.my/id/eprint/79