Detecting scanning computer worms using machine learning and darkspace network traffic
dc.contributor.author | Ochieng, Nelson | |
dc.contributor.author | Ismail, Ateya | |
dc.contributor.author | Waweru, Mwangi | |
dc.contributor.author | Orero, Joseph | |
dc.date.accessioned | 2017-07-21T12:29:15Z | |
dc.date.available | 2017-07-21T12:29:15Z | |
dc.date.issued | 2017 | |
dc.description | The conference aimed at supporting and stimulating active productive research set to strengthen the technical foundations of engineers and scientists in the continent, through developing strong technical foundations and skills, leading to new small to medium enterprises within the African sub-continent. It also seeked to encourage the emergence of functionally skilled technocrats within the continent. | en_US |
dc.description.abstract | The subject of this paper is computer worm detection in a network. Computers worms have been defined as a process that can cause a possibly evolved copy of it to execute on a remote computer. They do not require human intervention to propagate; neither do they need to attach themselves to existing files. Computer worms spread very rapidly and modern worm authors obfuscate their code to make it difficult to detect them. This paper proposes to use machine learning to detect them. The paper deviates from existing approaches in that it uses the darkspace network traffic attributed to an actual worm attack to validate the algorithms. In addition, it attempts to understand the threat model, the feature set and the detection algorithms to explain the best combination of features and why the best algorithms succeeds where others have failed. | en_US |
dc.description.sponsorship | Strathmore University; Institute of Electrical and Electronics Engineers (IEEE) | en_US |
dc.identifier.citation | Ochieng, N., Ateya, I., Waweru, M., & Orero, J. (2017). Detecting scanning computer worms using machine learning and darkspace network traffic. In Pan African Conference on Science, Computing and Telecommunications (PACT). Nairobi: Strathmore University. Retrieved from https://su-plus.strathmore.edu | en_US |
dc.identifier.uri | http://hdl.handle.net/11071/5182 | |
dc.language.iso | en | en_US |
dc.publisher | Strathmore University | en_US |
dc.subject | Computer worm detection | en_US |
dc.subject | Malware detection | en_US |
dc.subject | Machine learning | en_US |
dc.subject | Darkspace network traffic | en_US |
dc.subject | behavioral computer worm detection | en_US |
dc.title | Detecting scanning computer worms using machine learning and darkspace network traffic | en_US |
dc.type | Conference Paper | en_US |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Detecting Scanning Computer Worms Using Machine.pdf
- Size:
- 257.55 KB
- Format:
- Adobe Portable Document Format
- Description:
- Full text
License bundle
1 - 1 of 1
Loading...
- Name:
- license.txt
- Size:
- 1.71 KB
- Format:
- Item-specific license agreed upon to submission
- Description: