Spectral Graph-based Cyber Worm Detection Using Phantom Components and Strong Node Concept
| dc.contributor.author | Safar, Jamie | |
| dc.contributor.author | Tummala, Murali | |
| dc.contributor.author | Mceachen, John | |
| dc.date.accessioned | 2020-12-24T20:28:13Z | |
| dc.date.available | 2020-12-24T20:28:13Z | |
| dc.date.issued | 2021-01-05 | |
| dc.description.abstract | Innovative solutions need to be developed to defend against the continued threat of computer worms. We propose the spectral graph theory worm detection model that utilizes traffic dispersion graphs, the strong node concept, and phantom components to create detection thresholds in the eigenspectrum of the dual basis. This detection method is employed in our proposed model to quickly and accurately detect worm attacks with different attack characteristics. It also intrinsically identifies infected nodes, potential victims, and estimates the worm scan rate. We test our model against the worm-free NPS2013 dataset, a modeled Blaster worm, and the WannaCry CTU-Malware-Capture-Botnet-284-1 and CTU-Malware-Capture-Botnet-285-1 datasets. Our results show that the spectral graph theory worm detection model has better performance rates compared to other models reviewed in literature. | |
| dc.format.extent | 9 pages | |
| dc.identifier.doi | 10.24251/HICSS.2021.847 | |
| dc.identifier.isbn | 978-0-9981331-4-0 | |
| dc.identifier.uri | http://hdl.handle.net/10125/71468 | |
| dc.language.iso | English | |
| dc.relation.ispartof | Proceedings of the 54th Hawaii International Conference on System Sciences | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
| dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
| dc.subject | Cyber Systems: Their Science, Engineering, and Security | |
| dc.subject | anomaly detection | |
| dc.subject | phantom components | |
| dc.subject | spectral graph theory | |
| dc.subject | strong node concept | |
| dc.subject | worm | |
| dc.title | Spectral Graph-based Cyber Worm Detection Using Phantom Components and Strong Node Concept | |
| prism.startingpage | 7046 |
Files
Original bundle
1 - 1 of 1