期刊名称:International Journal of Computer and Information Technology
印刷版ISSN:2279-0764
出版年度:2013
卷号:2
期号:5
页码:873
出版社:International Journal of Computer and Information Technology
摘要:In recent years, computer worms have emerged as one of the most potent threat to the security of many networked computing communities. The need for more reliable and efficient systems for worm containment has continued to be on the rise. Different systems for worm containment have been developed by different authors with attending strengths and weaknesses. Vigilante is a host based Intrusion Detection System (IDS) that detect worms by instrumenting vulnerable programs to analyse infection attempts. In this work, an improved Vigilante system that generates Self-Certifying Alerts (SCAs) using Markov Chain algorithm was developed. The algorithm is formulated such that upon detection, host generates Self-Certifying Alerts, which can be verified by any vulnerable host. Hosts receiving an SCA protect themselves by generating filters that block worm attack. The developed mechanism is implemented in Windows Vista environment using Visual Basic.Net programming language. Experimental results on different worms in the selected network demonstrate the system's ability to successfully detect and contain worms that are invoked into the network. A comparison of the results obtained with results of some other algorithms shows an overall good performance
