Advanced Trace Pattern For Computer Intrusion Discovery

Journal of Computing, Vol. 2, No. 6, June 2010, NY, USA, ISSN 2151-9617. The number of crimes committed based on malware intrusion is never ending, as the number of malware variants is growing tremendously and the usage of the internet is expanding globally. Malicious codes easily obtained and use as o...

Bibliographic details
Main authors: Rahayu, S. Siti, Robiah, Y, Shahrin, S, Zaki, M. Mohd, Faizal, M. A, Zaheera, Z. A
Format: Article
Language: eng
container_end_page
container_issue
container_start_page
container_title
container_volume
creator Rahayu, S. Siti
Robiah, Y
Shahrin, S
Zaki, M. Mohd
Faizal, M. A
Zaheera, Z. A
description Journal of Computing, Vol. 2, No. 6, June 2010, NY, USA, ISSN 2151-9617. The number of crimes committed based on malware intrusion is never ending, as the number of malware variants is growing tremendously and the usage of the internet is expanding globally. Malicious code is easily obtained and used as a weapon to gain objectives illegally. Hence, in this research, diverse logs from different OSI layers are explored to identify the traces left on the attacker and victim logs, in order to establish a worm trace pattern to defend against the attack and help reveal the true attacker or victim. This paper focuses on malware intrusion and a traditional worm, namely the Sasser worm variants. The concept of a trace pattern is created by fusing the attacker's and the victim's perspectives. Therefore, the objective of this paper is to propose a general worm trace pattern for the attacker, the victim and the multi-step (attacker/victim) by combining both perspectives. These three proposed worm trace patterns can be extended into research areas in alert correlation and computer forensic investigation.
doi_str_mv 10.48550/arxiv.1006.4569
format Article
fulltext fulltext_linktorsrc
identifier DOI: 10.48550/arxiv.1006.4569
ispartof
issn
language eng
recordid cdi_arxiv_primary_1006_4569
source arXiv.org
subjects Computer Science - Cryptography and Security
title Advanced Trace Pattern For Computer Intrusion Discovery
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-02T04%3A26%3A51IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Advanced%20Trace%20Pattern%20For%20Computer%20Intrusion%20Discovery&rft.au=Rahayu,%20S.%20Siti&rft.date=2010-06-23&rft_id=info:doi/10.48550/arxiv.1006.4569&rft_dat=%3Carxiv_GOX%3E1006_4569%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true