상세정보
학술대회
Hierarchical Network Signature Clustering and Generation
- 발행일
- 201610
- 출처
- International Conference on Information and Communication Technology Convergence (ICTC) 2016, pp.1191-1193
- 협약과제
- 16HH1900, 맞춤형 보안서비스 제공을 위한 클라우드 기반 지능형 보안 기술 개발, 김익균
- 초록
- Nowadays we face a lot of malware. When we access web sites, they are secretly downloaded by drive-by-download and when we receive emails, the attached files contain malware. The malware cause a lot of damage to the infected hosts and networks. So, detecting malware is very important. However, recent malware are made not to be detected by an Intrusion Detection System (IDS). In order to prevent this problem, it is very crucial to generate new signatures fast when new malware are discovered. This paper proposes a method to make a hierarchical signature cluster tree from the existing network signatures and suggests a scheme to make new signatures fast by comparing with the hierarchical signature cluster tree when new malware are discovered.
- KSP 제안 키워드
- Drive-by-download, Hierarchical network, Intrusion detection system(IDS), Web sites, cluster-tree, network signatures