{"id":"https://openalex.org/W2058441594","doi":"https://doi.org/10.1145/1533057.1533071","title":"An integrated approach to detection of fast and slow scanning worms","display_name":"An integrated approach to detection of fast and slow scanning worms","publication_year":2009,"publication_date":"2009-03-10","ids":{"openalex":"https://openalex.org/W2058441594","doi":"https://doi.org/10.1145/1533057.1533071","mag":"2058441594"},"language":"en","primary_location":{"id":"doi:10.1145/1533057.1533071","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1533057.1533071","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 4th International Symposium on Information, Computer, and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5084216048","display_name":"Frank Akujobi","orcid":null},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Frank Akujobi","raw_affiliation_strings":["Carleton University, Ottawa, ON, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Carleton University, Ottawa, ON, Canada","institution_ids":["https://openalex.org/I67031392"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017839977","display_name":"Ioannis Lambadaris","orcid":"https://orcid.org/0000-0003-4686-9433"},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Ioannis Lambadaris","raw_affiliation_strings":["Carleton University, Ottawa, ON, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Carleton University, Ottawa, ON, Canada","institution_ids":["https://openalex.org/I67031392"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5003125546","display_name":"Evangelos Kranakis","orcid":"https://orcid.org/0000-0002-8959-4428"},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Evangelos Kranakis","raw_affiliation_strings":["Carleton University, Ottawa, ON, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Carleton University, Ottawa, ON, Canada","institution_ids":["https://openalex.org/I67031392"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I67031392"],"apc_list":null,"apc_paid":null,"fwci":1.0892,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.79144079,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"80","last_page":"91"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7179774045944214},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6935451030731201},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.5901521444320679},{"id":"https://openalex.org/keywords/heuristics","display_name":"Heuristics","score":0.45971396565437317},{"id":"https://openalex.org/keywords/detector","display_name":"Detector","score":0.44969847798347473},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.4220060706138611},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.40417325496673584},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.33358699083328247}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7179774045944214},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6935451030731201},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.5901521444320679},{"id":"https://openalex.org/C127705205","wikidata":"https://www.wikidata.org/wiki/Q5748245","display_name":"Heuristics","level":2,"score":0.45971396565437317},{"id":"https://openalex.org/C94915269","wikidata":"https://www.wikidata.org/wiki/Q1834857","display_name":"Detector","level":2,"score":0.44969847798347473},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.4220060706138611},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.40417325496673584},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.33358699083328247},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/1533057.1533071","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1533057.1533071","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 4th International Symposium on Information, Computer, and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.216.4954","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.216.4954","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.scs.carleton.ca/~kranakis/Papers/asiaccs09.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Good health and well-being","id":"https://metadata.un.org/sdg/3","score":0.8100000023841858}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W117572461","https://openalex.org/W1527422375","https://openalex.org/W1597305440","https://openalex.org/W1744212210","https://openalex.org/W1781758015","https://openalex.org/W1913575206","https://openalex.org/W1984350393","https://openalex.org/W1994340575","https://openalex.org/W2016901187","https://openalex.org/W2019199024","https://openalex.org/W2036983007","https://openalex.org/W2039390926","https://openalex.org/W2050065884","https://openalex.org/W2083477206","https://openalex.org/W2087564706","https://openalex.org/W2087922528","https://openalex.org/W2128920373","https://openalex.org/W2165100126","https://openalex.org/W4254762831"],"related_works":["https://openalex.org/W2280422768","https://openalex.org/W3143197806","https://openalex.org/W4252555497","https://openalex.org/W3121175838","https://openalex.org/W3016293053","https://openalex.org/W1690653314","https://openalex.org/W2401723157","https://openalex.org/W2065055572","https://openalex.org/W2784269775","https://openalex.org/W2952904874"],"abstract_inverted_index":{"The":[0,84],"propagation":[1],"speed":[2],"of":[3,11,26,53,68,89,123,148,166],"fast":[4,27,77,112,124],"scanning":[5,13,28,34,80,115,125,152],"worms":[6,14,29],"and":[7,36,60,70,78,99,113,136,194],"the":[8,120,159,167,172,182],"stealthy":[9],"nature":[10,122],"slow":[12,33,79,114],"present":[15],"unique":[16,63],"challenges":[17],"to":[18,31,49,105,110,142,190],"intrusion":[19,107],"detection.":[20],"Typically,":[21],"techniques":[22],"optimized":[23],"for":[24,75,132,146,177],"detection":[25,65,147,168,179,183],"fail":[30],"detect":[32,106],"worms,":[35],"vice":[37],"versa.":[38],"In":[39,55],"practice,":[40],"there":[41],"is":[42,155],"interest":[43],"in":[44,157],"developing":[45],"an":[46],"integrated":[47,64],"approach":[48,66,85],"detecting":[50,69],"both":[51,111],"classes":[52],"worms.":[54,116,150],"this":[56],"paper,":[57],"we":[58],"propose":[59],"analyze":[61],"a":[62,87,96,174],"capable":[67],"identifying":[71],"traffic":[72],"flow(s)":[73],"responsible":[74],"simultaneous":[76],"malicious":[81],"worm":[82,126,153,178],"attacks.":[83],"uses":[86],"combination":[88],"evidence":[90],"from":[91,102],"distributed":[92],"host-based":[93],"anomaly":[94],"detectors,":[95],"self-adapting":[97],"profiler":[98],"Bayesian":[100],"inference":[101],"network":[103],"heuristics":[104],"activity":[108],"due":[109],"We":[117],"assume":[118],"that":[119,163],"extreme":[121,133],"epidemics":[127],"make":[128],"them":[129],"well":[130],"suited":[131],"value":[134],"theory":[135],"use":[137],"sample":[138],"mean":[139],"excess":[140],"function":[141],"determine":[143],"appropriate":[144],"thresholds":[145],"such":[149],"Random":[151],"behavior":[154,165],"considered":[156],"analyzing":[158],"stochastic":[160],"time":[161],"intervals":[162],"affect":[164],"technique.":[169],"Based":[170],"on":[171],"analysis,":[173],"probability":[175],"model":[176],"interval":[180],"using":[181],"scheme":[184],"was":[185],"developed.":[186],"Simulations":[187],"are":[188],"used":[189],"validate":[191],"our":[192],"assumptions":[193],"analysis.":[195]},"counts_by_year":[{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":2}],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-10-10T00:00:00"}