Ontology type: schema:Chapter
2012
AUTHORS: Yue Yu, Michael Fry, Bernhard Plattner, Paul Smith, Alberto Schaeffer-Filho
ABSTRACT: Network propagated malware such as worms are a potentially serious threat, since they can infect and damage a large number of vulnerable hosts at timescales in which human reaction is unlikely to be effective. Research on worm detection has produced many approaches to identifying them. A common approach is to identify a worm’s signature. However, as worms continue to evolve, this method is incapable of detecting and mitigating new worms in real time. In this paper, we propose a novel resilience strategy for the detection and remediation of networked malware based on progressive, multi-stage deployment of resilience mechanisms. Our strategy monitors various traffic features to detect the early onset of an attack, and then applies further mechanisms to progressively identify the attack and apply remediation to protect the network. Our strategy can be adapted to detect known attacks such as worms, and also to provide some level of remediation for new, unknown attacks. Advantages of our approach are demonstrated via simulation of various types of worm attack on an Autonomous System infrastructure. Our strategy is flexible and adaptable, and we show how it can be extended to identify and remediate network challenges other than worms.
PAGES: 233-247
Network and System Security
ISBN
978-3-642-34600-2
978-3-642-34601-9
http://scigraph.springernature.com/pub.10.1007/978-3-642-34601-9_18
DOI: http://dx.doi.org/10.1007/978-3-642-34601-9_18
DIMENSIONS: https://app.dimensions.ai/details/publication/pub.1030249870
JSON-LD is the canonical representation for SciGraph data.
[
{
"@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json",
"about": [
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information and Computing Sciences",
"type": "DefinedTerm"
},
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Artificial Intelligence and Image Processing",
"type": "DefinedTerm"
}
],
"author": [
{
"affiliation": {
"alternateName": "School of Information Technologies, University of Sydney, Australia",
"id": "http://www.grid.ac/institutes/grid.1013.3",
"name": [
"School of Information Technologies, University of Sydney, Australia"
],
"type": "Organization"
},
"familyName": "Yu",
"givenName": "Yue",
"id": "sg:person.010423752343.04",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010423752343.04"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "School of Information Technologies, University of Sydney, Australia",
"id": "http://www.grid.ac/institutes/grid.1013.3",
"name": [
"School of Information Technologies, University of Sydney, Australia"
],
"type": "Organization"
},
"familyName": "Fry",
"givenName": "Michael",
"id": "sg:person.014127665351.33",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014127665351.33"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Computer Engineering and Networks Laboratory, ETH Zurich, Switzerland",
"id": "http://www.grid.ac/institutes/grid.5801.c",
"name": [
"Computer Engineering and Networks Laboratory, ETH Zurich, Switzerland"
],
"type": "Organization"
},
"familyName": "Plattner",
"givenName": "Bernhard",
"id": "sg:person.014505216753.38",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014505216753.38"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Safety and Security Department, AIT Austrian Institute of Technology, Austria",
"id": "http://www.grid.ac/institutes/grid.4332.6",
"name": [
"Safety and Security Department, AIT Austrian Institute of Technology, Austria"
],
"type": "Organization"
},
"familyName": "Smith",
"givenName": "Paul",
"id": "sg:person.015112647531.58",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015112647531.58"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "School of Computing and Communications, Lancaster University, UK",
"id": "http://www.grid.ac/institutes/grid.9835.7",
"name": [
"School of Computing and Communications, Lancaster University, UK"
],
"type": "Organization"
},
"familyName": "Schaeffer-Filho",
"givenName": "Alberto",
"id": "sg:person.016661106103.79",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016661106103.79"
],
"type": "Person"
}
],
"datePublished": "2012",
"datePublishedReg": "2012-01-01",
"description": "Network propagated malware such as worms are a potentially serious threat, since they can infect and damage a large number of vulnerable hosts at timescales in which human reaction is unlikely to be effective. Research on worm detection has produced many approaches to identifying them. A common approach is to identify a worm\u2019s signature. However, as worms continue to evolve, this method is incapable of detecting and mitigating new worms in real time. In this paper, we propose a novel resilience strategy for the detection and remediation of networked malware based on progressive, multi-stage deployment of resilience mechanisms. Our strategy monitors various traffic features to detect the early onset of an attack, and then applies further mechanisms to progressively identify the attack and apply remediation to protect the network. Our strategy can be adapted to detect known attacks such as worms, and also to provide some level of remediation for new, unknown attacks. Advantages of our approach are demonstrated via simulation of various types of worm attack on an Autonomous System infrastructure. Our strategy is flexible and adaptable, and we show how it can be extended to identify and remediate network challenges other than worms.",
"editor": [
{
"familyName": "Xu",
"givenName": "Li",
"type": "Person"
},
{
"familyName": "Bertino",
"givenName": "Elisa",
"type": "Person"
},
{
"familyName": "Mu",
"givenName": "Yi",
"type": "Person"
}
],
"genre": "chapter",
"id": "sg:pub.10.1007/978-3-642-34601-9_18",
"inLanguage": "en",
"isAccessibleForFree": false,
"isPartOf": {
"isbn": [
"978-3-642-34600-2",
"978-3-642-34601-9"
],
"name": "Network and System Security",
"type": "Book"
},
"keywords": [
"multi-stage deployment",
"network challenges",
"worm detection",
"worm signatures",
"worm attacks",
"unknown attacks",
"traffic features",
"new worms",
"remediation",
"network",
"real time",
"malware detection",
"detection",
"system infrastructure",
"malware",
"vulnerable hosts",
"resilience mechanisms",
"deployment",
"attacks",
"common approach",
"serious threat",
"human reactions",
"infrastructure",
"level of remediation",
"large number",
"strategies",
"advantages",
"resilience strategies",
"challenges",
"approach",
"paper",
"reaction",
"simulations",
"method",
"mechanism",
"features",
"signatures",
"threat",
"host",
"worms",
"time",
"research",
"early onset",
"number",
"types",
"further mechanism",
"levels",
"onset",
"timescales"
],
"name": "Resilience Strategies for Networked Malware Detection and Remediation",
"pagination": "233-247",
"productId": [
{
"name": "dimensions_id",
"type": "PropertyValue",
"value": [
"pub.1030249870"
]
},
{
"name": "doi",
"type": "PropertyValue",
"value": [
"10.1007/978-3-642-34601-9_18"
]
}
],
"publisher": {
"name": "Springer Nature",
"type": "Organisation"
},
"sameAs": [
"https://doi.org/10.1007/978-3-642-34601-9_18",
"https://app.dimensions.ai/details/publication/pub.1030249870"
],
"sdDataset": "chapters",
"sdDatePublished": "2022-06-01T22:34",
"sdLicense": "https://scigraph.springernature.com/explorer/license/",
"sdPublisher": {
"name": "Springer Nature - SN SciGraph project",
"type": "Organization"
},
"sdSource": "s3://com-springernature-scigraph/baseset/20220601/entities/gbq_results/chapter/chapter_404.jsonl",
"type": "Chapter",
"url": "https://doi.org/10.1007/978-3-642-34601-9_18"
}
]
JSON-LD is a popular format for linked data which is fully compatible with JSON.
curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-34601-9_18'
N-Triples is a line-based linked data format ideal for batch operations.
curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-34601-9_18'
Turtle is a human-readable linked data format.
curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-34601-9_18'
RDF/XML is a standard XML format for linked data.
curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-34601-9_18'
This table displays all metadata directly associated to this object as RDF triples.
156 TRIPLES
23 PREDICATES
75 URIs
68 LITERALS
7 BLANK NODES
# | Subject | Predicate | Object |
---|---|---|---|
1 | sg:pub.10.1007/978-3-642-34601-9_18 | schema:about | anzsrc-for:08 |
2 | ″ | ″ | anzsrc-for:0801 |
3 | ″ | schema:author | N952b51353a2e4ed4b0ca17e8f6b01b8b |
4 | ″ | schema:datePublished | 2012 |
5 | ″ | schema:datePublishedReg | 2012-01-01 |
6 | ″ | schema:description | Network propagated malware such as worms are a potentially serious threat, since they can infect and damage a large number of vulnerable hosts at timescales in which human reaction is unlikely to be effective. Research on worm detection has produced many approaches to identifying them. A common approach is to identify a worm’s signature. However, as worms continue to evolve, this method is incapable of detecting and mitigating new worms in real time. In this paper, we propose a novel resilience strategy for the detection and remediation of networked malware based on progressive, multi-stage deployment of resilience mechanisms. Our strategy monitors various traffic features to detect the early onset of an attack, and then applies further mechanisms to progressively identify the attack and apply remediation to protect the network. Our strategy can be adapted to detect known attacks such as worms, and also to provide some level of remediation for new, unknown attacks. Advantages of our approach are demonstrated via simulation of various types of worm attack on an Autonomous System infrastructure. Our strategy is flexible and adaptable, and we show how it can be extended to identify and remediate network challenges other than worms. |
7 | ″ | schema:editor | Nf93080fea33e4a3b82f528910fa5e483 |
8 | ″ | schema:genre | chapter |
9 | ″ | schema:inLanguage | en |
10 | ″ | schema:isAccessibleForFree | false |
11 | ″ | schema:isPartOf | Nb6e83c92abec4293b736b968f703ff21 |
12 | ″ | schema:keywords | advantages |
13 | ″ | ″ | approach |
14 | ″ | ″ | attacks |
15 | ″ | ″ | challenges |
16 | ″ | ″ | common approach |
17 | ″ | ″ | deployment |
18 | ″ | ″ | detection |
19 | ″ | ″ | early onset |
20 | ″ | ″ | features |
21 | ″ | ″ | further mechanism |
22 | ″ | ″ | host |
23 | ″ | ″ | human reactions |
24 | ″ | ″ | infrastructure |
25 | ″ | ″ | large number |
26 | ″ | ″ | level of remediation |
27 | ″ | ″ | levels |
28 | ″ | ″ | malware |
29 | ″ | ″ | malware detection |
30 | ″ | ″ | mechanism |
31 | ″ | ″ | method |
32 | ″ | ″ | multi-stage deployment |
33 | ″ | ″ | network |
34 | ″ | ″ | network challenges |
35 | ″ | ″ | new worms |
36 | ″ | ″ | number |
37 | ″ | ″ | onset |
38 | ″ | ″ | paper |
39 | ″ | ″ | reaction |
40 | ″ | ″ | real time |
41 | ″ | ″ | remediation |
42 | ″ | ″ | research |
43 | ″ | ″ | resilience mechanisms |
44 | ″ | ″ | resilience strategies |
45 | ″ | ″ | serious threat |
46 | ″ | ″ | signatures |
47 | ″ | ″ | simulations |
48 | ″ | ″ | strategies |
49 | ″ | ″ | system infrastructure |
50 | ″ | ″ | threat |
51 | ″ | ″ | time |
52 | ″ | ″ | timescales |
53 | ″ | ″ | traffic features |
54 | ″ | ″ | types |
55 | ″ | ″ | unknown attacks |
56 | ″ | ″ | vulnerable hosts |
57 | ″ | ″ | worm attacks |
58 | ″ | ″ | worm detection |
59 | ″ | ″ | worm signatures |
60 | ″ | ″ | worms |
61 | ″ | schema:name | Resilience Strategies for Networked Malware Detection and Remediation |
62 | ″ | schema:pagination | 233-247 |
63 | ″ | schema:productId | N73a8bec1201b4ca0a20a271d0ab798cf |
64 | ″ | ″ | Nc9c57391898e42aa9bb0590d5f3829eb |
65 | ″ | schema:publisher | N0d93e21c72d14b5ba81d9505afc6a13e |
66 | ″ | schema:sameAs | https://app.dimensions.ai/details/publication/pub.1030249870 |
67 | ″ | ″ | https://doi.org/10.1007/978-3-642-34601-9_18 |
68 | ″ | schema:sdDatePublished | 2022-06-01T22:34 |
69 | ″ | schema:sdLicense | https://scigraph.springernature.com/explorer/license/ |
70 | ″ | schema:sdPublisher | N07893b4ab11a47a1ad431dda2e5401a5 |
71 | ″ | schema:url | https://doi.org/10.1007/978-3-642-34601-9_18 |
72 | ″ | sgo:license | sg:explorer/license/ |
73 | ″ | sgo:sdDataset | chapters |
74 | ″ | rdf:type | schema:Chapter |
75 | N0721e406da8249ff9e59dcce066b7650 | schema:familyName | Xu |
76 | ″ | schema:givenName | Li |
77 | ″ | rdf:type | schema:Person |
78 | N07893b4ab11a47a1ad431dda2e5401a5 | schema:name | Springer Nature - SN SciGraph project |
79 | ″ | rdf:type | schema:Organization |
80 | N0d93e21c72d14b5ba81d9505afc6a13e | schema:name | Springer Nature |
81 | ″ | rdf:type | schema:Organisation |
82 | N136200e64bce4be2b336ddd7ebaea2ee | rdf:first | N92dd756e60024c8f97062cd3e3f8946f |
83 | ″ | rdf:rest | N545e97f935094d4e9c5357fc47b5002a |
84 | N2d583d50561d4497a2501c08681234ef | rdf:first | sg:person.015112647531.58 |
85 | ″ | rdf:rest | Nd9441cff27d3440a94260ecd9cf79af7 |
86 | N545e97f935094d4e9c5357fc47b5002a | rdf:first | N54999f1de78c4fa591f4e20a9e7023b9 |
87 | ″ | rdf:rest | rdf:nil |
88 | N54999f1de78c4fa591f4e20a9e7023b9 | schema:familyName | Mu |
89 | ″ | schema:givenName | Yi |
90 | ″ | rdf:type | schema:Person |
91 | N73a8bec1201b4ca0a20a271d0ab798cf | schema:name | dimensions_id |
92 | ″ | schema:value | pub.1030249870 |
93 | ″ | rdf:type | schema:PropertyValue |
94 | N79212d3ae6f14f2797ab170c40beebe4 | rdf:first | sg:person.014127665351.33 |
95 | ″ | rdf:rest | Nc402459d7ee449c7bdb6b968476b32a5 |
96 | N92dd756e60024c8f97062cd3e3f8946f | schema:familyName | Bertino |
97 | ″ | schema:givenName | Elisa |
98 | ″ | rdf:type | schema:Person |
99 | N952b51353a2e4ed4b0ca17e8f6b01b8b | rdf:first | sg:person.010423752343.04 |
100 | ″ | rdf:rest | N79212d3ae6f14f2797ab170c40beebe4 |
101 | Nb6e83c92abec4293b736b968f703ff21 | schema:isbn | 978-3-642-34600-2 |
102 | ″ | ″ | 978-3-642-34601-9 |
103 | ″ | schema:name | Network and System Security |
104 | ″ | rdf:type | schema:Book |
105 | Nc402459d7ee449c7bdb6b968476b32a5 | rdf:first | sg:person.014505216753.38 |
106 | ″ | rdf:rest | N2d583d50561d4497a2501c08681234ef |
107 | Nc9c57391898e42aa9bb0590d5f3829eb | schema:name | doi |
108 | ″ | schema:value | 10.1007/978-3-642-34601-9_18 |
109 | ″ | rdf:type | schema:PropertyValue |
110 | Nd9441cff27d3440a94260ecd9cf79af7 | rdf:first | sg:person.016661106103.79 |
111 | ″ | rdf:rest | rdf:nil |
112 | Nf93080fea33e4a3b82f528910fa5e483 | rdf:first | N0721e406da8249ff9e59dcce066b7650 |
113 | ″ | rdf:rest | N136200e64bce4be2b336ddd7ebaea2ee |
114 | anzsrc-for:08 | schema:inDefinedTermSet | anzsrc-for: |
115 | ″ | schema:name | Information and Computing Sciences |
116 | ″ | rdf:type | schema:DefinedTerm |
117 | anzsrc-for:0801 | schema:inDefinedTermSet | anzsrc-for: |
118 | ″ | schema:name | Artificial Intelligence and Image Processing |
119 | ″ | rdf:type | schema:DefinedTerm |
120 | sg:person.010423752343.04 | schema:affiliation | grid-institutes:grid.1013.3 |
121 | ″ | schema:familyName | Yu |
122 | ″ | schema:givenName | Yue |
123 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010423752343.04 |
124 | ″ | rdf:type | schema:Person |
125 | sg:person.014127665351.33 | schema:affiliation | grid-institutes:grid.1013.3 |
126 | ″ | schema:familyName | Fry |
127 | ″ | schema:givenName | Michael |
128 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014127665351.33 |
129 | ″ | rdf:type | schema:Person |
130 | sg:person.014505216753.38 | schema:affiliation | grid-institutes:grid.5801.c |
131 | ″ | schema:familyName | Plattner |
132 | ″ | schema:givenName | Bernhard |
133 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014505216753.38 |
134 | ″ | rdf:type | schema:Person |
135 | sg:person.015112647531.58 | schema:affiliation | grid-institutes:grid.4332.6 |
136 | ″ | schema:familyName | Smith |
137 | ″ | schema:givenName | Paul |
138 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015112647531.58 |
139 | ″ | rdf:type | schema:Person |
140 | sg:person.016661106103.79 | schema:affiliation | grid-institutes:grid.9835.7 |
141 | ″ | schema:familyName | Schaeffer-Filho |
142 | ″ | schema:givenName | Alberto |
143 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016661106103.79 |
144 | ″ | rdf:type | schema:Person |
145 | grid-institutes:grid.1013.3 | schema:alternateName | School of Information Technologies, University of Sydney, Australia |
146 | ″ | schema:name | School of Information Technologies, University of Sydney, Australia |
147 | ″ | rdf:type | schema:Organization |
148 | grid-institutes:grid.4332.6 | schema:alternateName | Safety and Security Department, AIT Austrian Institute of Technology, Austria |
149 | ″ | schema:name | Safety and Security Department, AIT Austrian Institute of Technology, Austria |
150 | ″ | rdf:type | schema:Organization |
151 | grid-institutes:grid.5801.c | schema:alternateName | Computer Engineering and Networks Laboratory, ETH Zurich, Switzerland |
152 | ″ | schema:name | Computer Engineering and Networks Laboratory, ETH Zurich, Switzerland |
153 | ″ | rdf:type | schema:Organization |
154 | grid-institutes:grid.9835.7 | schema:alternateName | School of Computing and Communications, Lancaster University, UK |
155 | ″ | schema:name | School of Computing and Communications, Lancaster University, UK |
156 | ″ | rdf:type | schema:Organization |