Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.777617
Title: An investigation of network countermeasure against fast self-propagating malware
Author: Ahmad, Muhammad Aminu
ISNI:       0000 0004 7963 3942
Awarding Body: University of Greenwich
Current Institution: University of Greenwich
Date of Award: 2017
Availability of Full Text:
Access from EThOS:
Access from Institution:
Abstract:
A self-propagating malware is a malicious software program that spreads itself across the Internet by exploiting flaws in software systems and therefore capable of launching attack against vulnerable Internet hosts. Fast self-propagating malware poses a security threat to hosts that are connected to the Internet because the speed of their propagation is very high and causes disruption of services across the Internet. Thus it becomes crucial to effectively detect and contain the propagation of fast self-propagating malware on the Internet. This thesis presents a mechanism for the detection and containment of fast self-propagating malware. The thesis initially presents an overview of self-propagating malware and the need for a solution to counter the propagation of this class of malware. The thesis also presents a comprehensive literature survey to identify research gaps and limitations of previously reported worm detection and containment systems. Based on the identified limitations and shortcomings, an improved detection and containment scheme has been developed to counter the spread of fast self-propagating malware. The developed scheme, termed NEDAC, uses a cross-layer architecture to provide a combined countermeasure solution against fast self-propagating malware, i.e., a detection technique at network layer and a containment technique at data link layer. Furthermore, an improved testing environment, termed V-Network, has been developed for high fidelity malware experimentation and testing of countermeasure systems. An evaluation framework has been developed and used to test the NEDAC scheme along with other previously reported countermeasure systems using known and contemporary self-propagating malware. The NEDAC scheme demonstrated a better performance than the previously reported countermeasure systems.
Supervisor: Woodhead, Steve ; Gan, Diane Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.777617  DOI: Not available
Keywords: QA Mathematics
Share: