|
" A new model for worm detection and response : "
Mohd Saudi, Madihah
Cullen, Andrea J. ; Woodward, Mike E.
| Document Type
|
:
|
Latin Dissertation
|
| Record Number
|
:
|
807179
|
| Doc. No
|
:
|
TLets554023
|
| Main Entry
|
:
|
Mohd Saudi, Madihah
|
| Title & Author
|
:
|
A new model for worm detection and response :\ Mohd Saudi, MadihahCullen, Andrea J. ; Woodward, Mike E.
|
| College
|
:
|
University of Bradford
|
| Date
|
:
|
2011
|
| student score
|
:
|
2011
|
| Degree
|
:
|
Thesis (Ph.D.)
|
| Abstract
|
:
|
Worms have been improved and a range of sophisticated techniques have been integrated, which make the detection and response processes much harder and longer than in the past. Therefore, in this thesis, a STAKCERT (Starter Kit for Computer Emergency Response Team) model is built to detect worms attack in order to respond to worms more efficiently. The novelty and the strengths of the STAKCERT model lies in the method implemented which consists of STAKCERT KDD processes and the development of STAKCERT worm classification, STAKCERT relational model and STAKCERT worm apoptosis algorithm. The new concept introduced in this model which is named apoptosis, is borrowed from the human immunology system has been mapped in terms of a security perspective. Furthermore, the encouraging results achieved by this research are validated by applying the security metrics for assigning the weight and severity values to trigger the apoptosis. In order to optimise the performance result, the standard operating procedures (SOP) for worm incident response which involve static and dynamic analyses, the knowledge discovery techniques (KDD) in modeling the STAKCERT model and the data mining algorithms were used. This STAKCERT model has produced encouraging results and outperformed comparative existing work for worm detection. It produces an overall accuracy rate of 98.75% with 0.2% for false positive rate and 1.45% is false negative rate. Worm response has resulted in an accuracy rate of 98.08% which later can be used by other researchers as a comparison with their works in future.
|
| Subject
|
:
|
Apoptosis; Data mining; Security metrics; Knowledge discovery technique (KDD); Standard Operating Procedures (SOP); Worm incident response; Static analysis; Dynamic analysis; Worm rules; Worm classification; STAKCERT model; Worm detection; Internet security
|
| Added Entry
|
:
|
Cullen, Andrea J. ; Woodward, Mike E.
|
| Added Entry
|
:
|
University of Bradford
|
| |