Automated signature generation for Zero-day polymorphic worms using a Double-honeynet
| dc.contributor.advisor | Chan, H Anthony | en_ZA |
| dc.contributor.author | Mohammed, Mohssen M Z E | en_ZA |
| dc.date.accessioned | 2015-01-04T14:20:13Z | |
| dc.date.available | 2015-01-04T14:20:13Z | |
| dc.date.issued | 2012 | en_ZA |
| dc.description | Includes bibliographical references. | en_ZA |
| dc.description.abstract | This thesis proposes an accurate system for signature generation for Zero-day polymorphic worms. Thesis consists of two parts: In part one, polymorphic worm instances are collected by designing a novel Double-honeynet system, which is able to detect new worms that have not been seen before. Unlimited honeynet outbound connections are introduced to collect all polymorphic worm instances. Therefore this system produces accurate worm signatures. In part two, signatures are generated for the polymorphic worms that are collected by the Double-honeynet system. Both a Modified Knuth-Morris-Pratt (MKMP) Algorithm, which is string matching based, and a Modified Principal Component Analysis (MPCA), which is statistics based, are used. | en_ZA |
| dc.identifier.apacitation | Mohammed, M. M. Z. E. (2012). <i>Automated signature generation for Zero-day polymorphic worms using a Double-honeynet</i>. (Thesis). University of Cape Town ,Faculty of Engineering & the Built Environment ,Department of Electrical Engineering. Retrieved from http://hdl.handle.net/11427/11233 | en_ZA |
| dc.identifier.chicagocitation | Mohammed, Mohssen M Z E. <i>"Automated signature generation for Zero-day polymorphic worms using a Double-honeynet."</i> Thesis., University of Cape Town ,Faculty of Engineering & the Built Environment ,Department of Electrical Engineering, 2012. http://hdl.handle.net/11427/11233 | en_ZA |
| dc.identifier.citation | Mohammed, M. 2012. Automated signature generation for Zero-day polymorphic worms using a Double-honeynet. University of Cape Town. | en_ZA |
| dc.identifier.ris | TY - Thesis / Dissertation AU - Mohammed, Mohssen M Z E AB - This thesis proposes an accurate system for signature generation for Zero-day polymorphic worms. Thesis consists of two parts: In part one, polymorphic worm instances are collected by designing a novel Double-honeynet system, which is able to detect new worms that have not been seen before. Unlimited honeynet outbound connections are introduced to collect all polymorphic worm instances. Therefore this system produces accurate worm signatures. In part two, signatures are generated for the polymorphic worms that are collected by the Double-honeynet system. Both a Modified Knuth-Morris-Pratt (MKMP) Algorithm, which is string matching based, and a Modified Principal Component Analysis (MPCA), which is statistics based, are used. DA - 2012 DB - OpenUCT DP - University of Cape Town LK - https://open.uct.ac.za PB - University of Cape Town PY - 2012 T1 - Automated signature generation for Zero-day polymorphic worms using a Double-honeynet TI - Automated signature generation for Zero-day polymorphic worms using a Double-honeynet UR - http://hdl.handle.net/11427/11233 ER - | en_ZA |
| dc.identifier.uri | http://hdl.handle.net/11427/11233 | |
| dc.identifier.vancouvercitation | Mohammed MMZE. Automated signature generation for Zero-day polymorphic worms using a Double-honeynet. [Thesis]. University of Cape Town ,Faculty of Engineering & the Built Environment ,Department of Electrical Engineering, 2012 [cited yyyy month dd]. Available from: http://hdl.handle.net/11427/11233 | en_ZA |
| dc.language.iso | eng | en_ZA |
| dc.publisher.department | Department of Electrical Engineering | en_ZA |
| dc.publisher.faculty | Faculty of Engineering and the Built Environment | |
| dc.publisher.institution | University of Cape Town | |
| dc.subject.other | Electrical Engineering | en_ZA |
| dc.title | Automated signature generation for Zero-day polymorphic worms using a Double-honeynet | en_ZA |
| dc.type | Doctoral Thesis | |
| dc.type.qualificationlevel | Doctoral | |
| dc.type.qualificationname | PhD | en_ZA |
| uct.type.filetype | Text | |
| uct.type.filetype | Image | |
| uct.type.publication | Research | en_ZA |
| uct.type.resource | Thesis | en_ZA |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- thesis_ebe_2012_mohammed_m.pdf
- Size:
- 1.23 MB
- Format:
- Adobe Portable Document Format
- Description: