Adaptive Detection of Worms/Viruses in Firewalls

I.-S. Yoo and U. Ultes-Nitsche (Switzerland)

Keywords

Firewalls, Viruses and Worms, Network Security, Intrusion Detection

Abstract

In this paper, we seek to answer the question: "How to detect worms/viruses, which are replicated via emails, at the level of a firewall without cooperation with an anti-virus server?" All packets pass through firewalls and only firewalls are able to prevent packets from entering the network. Our motivation is to reduce risk through preventing malicious packets (e.g., worms/viruses) from entering the secure network. We present our firewall model and address how to detect worms/viruses based on protocol sanity, probabilistic estimation of maliciousness, and patterns of packets.
