ETRI-Knowledge Sharing Platform

Conference Paper A Practical Approach for Detecting Executable Codes in Network Traffic
Cited 1 time in Scopus
Authors
Ik Kyun Kim, Koo Hong Kang, Yang Seo Choi, Dae Won Kim, Jin Tae Oh, Ki Jun Han
Issue Date
2007-10
Citation
Asia-Pacific Network Operations and Management Symposium (APNOMS) 2007 (LNCS 4773), v.4773, pp.354-363
Publisher
Springer
Language
English
Type
Conference Paper
DOI
https://dx.doi.org/10.1007/978-3-540-75476-3_36
Abstract
The research on the detection of zero-day network attacks and the signature generation is highlighted as an issue according to the outbreak of the new network attack is faster than a prediction. In this paper, we propose a very practical method that detects the executable codes within the network packet payload. It could be used as the key function of the signature generation against the zero-day attack or the high speed anomaly detection. The proposed heuristic method in this paper could be expressed in terms of visually classifying the characteristic of the instruction pattern of executable codes. And then we generalize this by applying the discrete parameter Markov chain. Our experimental study showed that the presented scheme could find all types of executable codes in our experiments. © Springer-Verlag Berlin Heidelberg 2007.
KSP Keywords
Heuristic method, High Speed, Network Attack, Practical approach, Practical method, Zero-day attacks, anomaly detection, experimental study, markov chain, network packets, network traffic