Document Type

Article

Publication Date

12-2010

Publication Source

International Journal of Security and Networks

Volume

5

Issue

4

Inclusive pages

207-219

DOI

10.1504/IJSN.2010.037660

Publisher

Inderscience Publishers

Place of Publication

Geneva, Switzerland

ISBN/ISSN

1747-8405

Peer Reviewed

yes

Abstract

Intrusion Detection Systems (IDSes) proposed to identify or prevent the wide spread of worms can be largely classified as signature-based or anomaly-based. Modern worms are often sufficiently intelligent to hide their activities and evade anomaly detection, rendering existing IDSes (particularly signature-based) less effective. We propose PAIDS, a proximity-assisted IDS approach for identifying the outbreak of unknown worms. Operating on an orthogonal dimension with existing IDSes, PAIDS can work collaboratively with existing IDSes for better performance. Trace-driven evaluation indicates that PAIDS has high detection rates and low false-positive rates. We also build a prototype with Google Maps APIs and libpcap library.

Disciplines

Computer Sciences
