Abstract:

In recent years, the threat of malware has been increasing. The main target of such malware is the violation of privacy and confidentiality in large networks and distributed systems. To prevent these attacks, anti-virus systems are designed with different analysis methods and a regular update service. Yet we still face many threats that are not easily identified. Some systems encounter limitations such as a shortage of computational resources or real-time interactions. They need a new approach that detects unknown and predefined threats together. The main idea behind this research is to find malware through network-level analysis using a real-time approach. It can be shown that there is often a long delay between the entrance of malware and its malicious effect. This investigation is divided into two parts: the first analyzes predefined network behavior in network devices, and the second investigates software-level activities. To do this, entropy is introduced as a feature. The aim of this feature is to measure the trustworthiness of network flows. Prior work shows that the trust border is lower than 0.3 and the threat boundary is defined as higher than 0.8. The results indicate that the detection rate of the proposed system is higher than 71% for unknown malware.

Keywords:

Malware Detection, Real-time Network Threats, Software-Defined Networking, Network Security, Software Vulnerability


