Please use this identifier to cite or link to this item: http://hdl.handle.net/10125/71468

Spectral Graph-based Cyber Worm Detection Using Phantom Components and Strong Node Concept

File Size Format  
0689.pdf 365.06 kB Adobe PDF View/Open

Item Summary

Title:Spectral Graph-based Cyber Worm Detection Using Phantom Components and Strong Node Concept
Authors:Safar, Jamie
Tummala, Murali
Mceachen, John
Keywords:Cyber Systems: Their Science, Engineering, and Security
anomaly detection
phantom components
spectral graph theory
strong node concept
show 1 moreworm
show less
Date Issued:05 Jan 2021
Abstract:Innovative solutions need to be developed to defend against the continued threat of computer worms. We propose the spectral graph theory worm detection model that utilizes traffic dispersion graphs, the strong node concept, and phantom components to create detection thresholds in the eigenspectrum of the dual basis. This detection method is employed in our proposed model to quickly and accurately detect worm attacks with different attack characteristics. It also intrinsically identifies infected nodes, potential victims, and estimates the worm scan rate. We test our model against the worm-free NPS2013 dataset, a modeled Blaster worm, and the WannaCry CTU-Malware-Capture-Botnet-284-1 and CTU-Malware-Capture-Botnet-285-1 datasets. Our results show that the spectral graph theory worm detection model has better performance rates compared to other models reviewed in literature.
Pages/Duration:9 pages
URI:http://hdl.handle.net/10125/71468
ISBN:978-0-9981331-4-0
DOI:10.24251/HICSS.2021.847
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
https://creativecommons.org/licenses/by-nc-nd/4.0/
Appears in Collections: Cyber Systems: Their Science, Engineering, and Security


Please email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons