Parameter estimation of a susceptible–infected–recovered–dead computer worm model

Computer worms are serious threats to Internet security and have caused billions of dollars of economic losses during the past decades. In this study, we implemented a susceptible–infected–recovered–dead (SIRD) model of computer worms and analyzed the characteristics and mechanisms of worm transmission. We applied the ordinary differential equation model to simulate the transmission process of computer worms and estimated the unknown parameters of the SIRD model through the methods of least squares, Markov chain Monte Carlo, and ensemble Kalman filtering (ENKF). The results reveal that the proposed SIRD model is more accurate than the susceptible–exposed–infected–recovered–susceptible model with respect to parameter estimation.

Detection of Worms Over Cloud Environment

In recent years, computer worms are the remarkable difficulties found in the distributed computing. The location of worms turns out to be more unpredictable since they are changing quickly and much more refined. The difficulties in gathering worm's payload were recognized for identifying and gathering worm's payloads and the honey pot which is high-intelligent to gather the payload of zero-day polymorphic heterogeneous and homogeneous stages in distributed computing. The Signature-based discovery of worms strategies work with a low false-positive rate. We propose an irregularity based interruption location instrument for the cloud which specifically benefits from the virtualization advancements all in all. Our proposed abnormality location framework is detached from spreading computer worm contamination and it can recognize new computer worms. Utilizing our methodology, a spreading computer worm can be distinguished on the spreading conduct itself without getting to or straightforwardly affecting running virtual machines of the cloud.

Optimizing Computer Worm Detection Using Ensembles

The scope of this research is computer worm detection. Computer worm has been defined as a process that can cause a possibly evolved copy of it to execute on a remote computer. It does not require human intervention to propagate neither does it attach itself to an existing computer file. It spreads very rapidly. Modern computer worm authors obfuscate the code to make it difficult to detect the computer worm. This research proposes to use machine learning methodology for the detection of computer worms. More specifically, ensembles are used. The research deviates from existing detection approaches by using dark space network traffic attributed to an actual worm attack to train and validate the machine learning algorithms. It is also obtained that the various ensembles perform comparatively well. Each of them is therefore a candidate for the final model. The algorithms also perform just as well as similar studies reported in the literature.

Detection of Worms Over Cloud Environment

In recent years, computer worms are the remarkable difficulties found in the distributed computing. The location of worms turns out to be more unpredictable since they are changing quickly and much more refined. The difficulties in gathering worm's payload were recognized for identifying and gathering worm's payloads and the honey pot which is high-intelligent to gather the payload of zero-day polymorphic heterogeneous and homogeneous stages in distributed computing. The Signature-based discovery of worms strategies work with a low false-positive rate. We propose an irregularity based interruption location instrument for the cloud which specifically benefits from the virtualization advancements all in all. Our proposed abnormality location framework is detached from spreading computer worm contamination and it can recognize new computer worms. Utilizing our methodology, a spreading computer worm can be distinguished on the spreading conduct itself without getting to or straightforwardly affecting running virtual machines of the cloud.