BROWSE
Detail
Conference Paper
A Practical Approach for Detecting Executable Codes in Network Traffic
Cited 1 time in 
Share 
Share
- Authors
- Ik Kyun Kim, Koo Hong Kang, Yang Seo Choi, Dae Won Kim, Jin Tae Oh, Ki Jun Han
- Issue Date
- 2007-10
- Citation
- Asia-Pacific Network Operations and Management Symposium (APNOMS) 2007 (LNCS 4773), v.4773, pp.354-363
- Publisher
- Springer
- Language
- English
- Type
- Conference Paper
- Abstract
- The research on the detection of zero-day network attack and the signature generation is highlighted as an issue according to the outbreak of the new network attack is faster than a prediction. In this paper, we propose a very practical method that detects the executable codes within the network packet pay load. It could be used as the key function of the signature generation against the zero-day attack or the high speed anomaly detection. The proposed heuristic method in this paper could be expressed in terms of visually classifying the characteristic of the instruction pattern of executable codes. And then we generalize this by applying the discrete parameter Markov chain. Our experimental study showed that the presented scheme could find all types of executable codes in our experiments. © Springer-Verlag Berlin Heidelberg 2007.
- KSP Keywords
- Heuristic method, High Speed, Network Attack, Practical approach, Practical method, Zero-day attacks, anomaly detection, experimental study, markov chain, network packets, network traffic