ETRI-Knowledge Sharing Platform


Conference Paper: An Architecture of Unknown Attack Detection System against Zero-day Worm
Authors
Ik Kyun Kim, Dae Won Kim, Byoung Koo Kim, Yang Seo Choi, Seong Yong Yoon, Jin Tae Oh, Jong Soo Jang
Issue Date
2008-11
Citation
International Conference on Applied Computer Science (ACS) 2008, pp.205-211
Publisher
WSEAS
Language
English
Type
Conference Paper
Abstract
We have introduced the ZASMIN (Zeroday-Attack Signature Management Infrastructure) system, which is developed for novel network attack detection. This system provides early warning at the moment the attacks start to spread on the network and blocks the spread of the cyber attacks by automatically generating a signature that could be used by a network security appliance such as an IPS. This system has adopted various new technologies — suspicious traffic monitoring, attack validation, polymorphic worm recognition, signature generation — for unknown network attack detection. Because its hardware-based accelerator is also capable of dealing with gigabit-speed traffic, it can be applied to the Internet backbone or the bottleneck point of a high-speed enterprise network without any loss of traffic. In this paper, after we set up the ZASMIN on a real testbed, we have analyzed the results of the ZASMIN about detection of unknown attacks.
KSP Keywords
Attack signature, Bit speed, Bottle-neck, Cyber attacks, Detection Systems(IDS), Early Warning, High Speed, Internet backbone, Network attack detection, Zero-day, enterprise network