Advanced Trace Pattern For Computer Intrusion Discovery
The number of crime committed based on the malware intrusion is never ending as the number of malware variants is growing tremendously and the usage of internet is expanding globally. Malicious codes easily obtained and use as one of weapon to gain their objective illegally. Hence, in this research...
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Journal of Computing
2010
|
| Subjects: | |
| Online Access: | http://eprints.utem.edu.my/id/eprint/78/ http://eprints.utem.edu.my/id/eprint/78/1/1006.4569%5B1%5D.pdf |
| _version_ | 1848886881274560512 |
|---|---|
| author | Selamat, S. R. Yusof, R. Sahib, S. Mas'ud, Z. Abdollah, M. F. Zainal Abidin, Z. |
| author_facet | Selamat, S. R. Yusof, R. Sahib, S. Mas'ud, Z. Abdollah, M. F. Zainal Abidin, Z. |
| author_sort | Selamat, S. R. |
| building | UTeM Institutional Repository |
| collection | Online Access |
| description | The number of crime committed based on the malware intrusion is never ending as the number of malware variants
is growing tremendously and the usage of internet is expanding globally. Malicious codes easily obtained and use as one of weapon to gain their objective illegally. Hence, in this research, diverse logs from different OSI layer are explored to identify the traces left on the attacker and victim logs in order to establish worm trace pattern to defending against the attack and help revealing true attacker or victim. For the purpose of this paper, it focused on malware intrusion and traditional worm namely
sasser worm variants. The concept of trace pattern is created by fusing the attacker’s and victim’s perspective. Therefore, the objective of this paper is to propose a general worm trace pattern for attacker’s, victim’s and multi-step (attacker/victim)’s by combining both perspectives. These three proposed worm trace patterns can be extended into research areas in alert correlation and computer forensic investigation. |
| first_indexed | 2025-11-15T19:45:32Z |
| format | Article |
| id | utem-78 |
| institution | Universiti Teknikal Malaysia Melaka |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T19:45:32Z |
| publishDate | 2010 |
| publisher | Journal of Computing |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | utem-782021-09-19T17:38:24Z http://eprints.utem.edu.my/id/eprint/78/ Advanced Trace Pattern For Computer Intrusion Discovery Selamat, S. R. Yusof, R. Sahib, S. Mas'ud, Z. Abdollah, M. F. Zainal Abidin, Z. Q Science (General) The number of crime committed based on the malware intrusion is never ending as the number of malware variants is growing tremendously and the usage of internet is expanding globally. Malicious codes easily obtained and use as one of weapon to gain their objective illegally. Hence, in this research, diverse logs from different OSI layer are explored to identify the traces left on the attacker and victim logs in order to establish worm trace pattern to defending against the attack and help revealing true attacker or victim. For the purpose of this paper, it focused on malware intrusion and traditional worm namely sasser worm variants. The concept of trace pattern is created by fusing the attacker’s and victim’s perspective. Therefore, the objective of this paper is to propose a general worm trace pattern for attacker’s, victim’s and multi-step (attacker/victim)’s by combining both perspectives. These three proposed worm trace patterns can be extended into research areas in alert correlation and computer forensic investigation. Journal of Computing 2010-06 Article NonPeerReviewed text en http://eprints.utem.edu.my/id/eprint/78/1/1006.4569%5B1%5D.pdf Selamat, S. R. and Yusof, R. and Sahib, S. and Mas'ud, Z. and Abdollah, M. F. and Zainal Abidin, Z. (2010) Advanced Trace Pattern For Computer Intrusion Discovery. Journal of Computing, 2 (6). pp. 200-2007. ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ |
| spellingShingle | Q Science (General) Selamat, S. R. Yusof, R. Sahib, S. Mas'ud, Z. Abdollah, M. F. Zainal Abidin, Z. Advanced Trace Pattern For Computer Intrusion Discovery |
| title | Advanced Trace Pattern For Computer Intrusion Discovery |
| title_full | Advanced Trace Pattern For Computer Intrusion Discovery |
| title_fullStr | Advanced Trace Pattern For Computer Intrusion Discovery |
| title_full_unstemmed | Advanced Trace Pattern For Computer Intrusion Discovery |
| title_short | Advanced Trace Pattern For Computer Intrusion Discovery |
| title_sort | advanced trace pattern for computer intrusion discovery |
| topic | Q Science (General) |
| url | http://eprints.utem.edu.my/id/eprint/78/ http://eprints.utem.edu.my/id/eprint/78/ http://eprints.utem.edu.my/id/eprint/78/1/1006.4569%5B1%5D.pdf |