Automatic Defense Against Zero-Day Polymorphic Worms in Communication Networks
Mohammed, Mohssen, Pathan, Al-Sakib Khan
- Publisher: Auerbach Publication
- Publication date: 2019-09-19
- List price: $2,820
- VIP price: $2,679 (5% off)
- Language: English
- Pages: 337
- Binding: Quality Paper - also called trade paper
- ISBN: 036738003X
- ISBN-13: 9780367380038
- Other editions:
Automatic Defense Against Zero-day Polymorphic Worms in Communication Networks (Hardcover)
Product description
Able to propagate quickly and change their payload with each infection, polymorphic worms have been able to evade even the most advanced intrusion detection systems (IDS). And, because zero-day worms require only seconds to launch flooding attacks on your servers, using traditional methods such as manually creating and storing signatures to defend against these threats is just too slow.
Bringing together critical knowledge and research on the subject, Automatic Defense Against Zero-day Polymorphic Worms in Communication Networks details a new approach for generating automated signatures for unknown polymorphic worms. It presents experimental results on a new method for polymorphic worm detection and examines experimental implementation of signature-generation algorithms and double-honeynet systems.
If you need some background, the book includes an overview of the fundamental terms and concepts in network security, including the various security models. Clearing up the misconceptions about the value of honeypots, it explains how they can be useful in securing your networks, and identifies open-source tools you can use to create your own honeypot. There's also a chapter with references to helpful reading resources on automated signature generation systems.
The authors describe cutting-edge attack detection approaches and detail new algorithms to help you generate your own automated signatures for polymorphic worms. Explaining how to test the quality of your generated signatures, the text will help you develop the understanding required to effectively protect your communication networks. Coverage includes intrusion detection and prevention systems (IDPS), zero-day polymorphic worm collection methods, double-honeynet system configurations, and the implementation of double-honeynet architectures.
About the authors
Mohssen Mohammed received his B.Sc. (Honors) degree in Computer Science from Computer Man College for Computer Studies (Future University), Khartoum, Sudan, in 2003. In 2006, he received the M.Sc. degree in Computer Science from the Faculty of Mathematical Sciences, University of Khartoum, Sudan. In 2012, he received his Ph.D. degree in Electrical Engineering from Cape Town University, South Africa. He has published several papers at top international conferences such as GLOBECOM and MILCOM. He has served as a Technical Program Committee member for numerous international conferences, such as ICSEA 2010 and ICNS 2011. He received the University of Cape Town prize for International Scholarship for Academic Merit (2007, 2008, and 2009). From 2005 to 2012 he worked as a permanent member of the academic staff at the University of Juba, South of Sudan. He is now an Assistant Professor in the College of Computer Science & Information Technology, Bahri University, Khartoum, Sudan. His research interests include network security, especially intrusion detection and prevention systems, honeypots, firewalls, and malware detection methods.
Al-Sakib Khan Pathan received his Ph.D. degree in Computer Engineering in 2009 from Kyung Hee University, South Korea. He received his B.Sc. degree in Computer Science and Information Technology from Islamic University of Technology (IUT), Bangladesh, in 2003. He is currently an Assistant Professor in the Computer Science department at International Islamic University Malaysia (IIUM), Malaysia. Until June 2010, he served as an Assistant Professor in the Computer Science and Engineering department at BRAC University, Bangladesh. Prior to holding this position, he worked as a Researcher at the Networking Lab, Kyung Hee University, South Korea, until August 2009. His research interests include wireless sensor networks, network security, and e-services technologies. He is a recipient of several awards/best paper awards and has several publications in