{"id":"https://openalex.org/W2041225151","doi":"https://doi.org/10.1145/2555615","title":"A Host-Based Approach for Unknown Fast-Spreading Worm Detection and Containment","display_name":"A Host-Based Approach for Unknown Fast-Spreading Worm Detection and Containment","publication_year":2014,"publication_date":"2014-01-01","ids":{"openalex":"https://openalex.org/W2041225151","doi":"https://doi.org/10.1145/2555615","mag":"2041225151"},"language":"en","primary_location":{"id":"doi:10.1145/2555615","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2555615","pdf_url":null,"source":{"id":"https://openalex.org/S16632050","display_name":"ACM Transactions on Autonomous and Adaptive Systems","issn_l":"1556-4665","issn":["1556-4665","1556-4703"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Autonomous and Adaptive Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5065505890","display_name":"Songqing Chen","orcid":"https://orcid.org/0000-0003-4650-7125"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Songqing Chen","raw_affiliation_strings":["George Mason University"],"affiliations":[{"raw_affiliation_string":"George Mason University","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100349496","display_name":"Lei Liu","orcid":"https://orcid.org/0000-0001-8173-0408"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Lei Liu","raw_affiliation_strings":["George Mason University"],"affiliations":[{"raw_affiliation_string":"George Mason University","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100634215","display_name":"Xinyuan Wang","orcid":"https://orcid.org/0000-0002-4129-2068"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xinyuan Wang","raw_affiliation_strings":["George Mason University"],"affiliations":[{"raw_affiliation_string":"George Mason University","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100711482","display_name":"Xinwen Zhang","orcid":"https://orcid.org/0000-0002-8321-3006"},"institutions":[{"id":"https://openalex.org/I4210101778","display_name":"Samsung (United States)","ror":"https://ror.org/01bfbvm65","country_code":"US","type":"company","lineage":["https://openalex.org/I2250650973","https://openalex.org/I4210101778"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xinwen Zhang","raw_affiliation_strings":["Samsung Information Systems America"],"affiliations":[{"raw_affiliation_string":"Samsung Information Systems America","institution_ids":["https://openalex.org/I4210101778"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100422993","display_name":"Zhao Zhang","orcid":"https://orcid.org/0000-0001-9165-1439"},"institutions":[{"id":"https://openalex.org/I173911158","display_name":"Iowa State University","ror":"https://ror.org/04rswrd78","country_code":"US","type":"education","lineage":["https://openalex.org/I173911158"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhao Zhang","raw_affiliation_strings":["Iowa State University"],"affiliations":[{"raw_affiliation_string":"Iowa State University","institution_ids":["https://openalex.org/I173911158"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5065505890"],"corresponding_institution_ids":["https://openalex.org/I162714631"],"apc_list":null,"apc_paid":null,"fwci":0.3448,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.65372689,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"8","issue":"4","first_page":"1","last_page":"18"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.8885631561279297},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8619905114173889},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.572408139705658},{"id":"https://openalex.org/keywords/virtual-machine","display_name":"Virtual machine","score":0.4886961281299591},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.4641052484512329},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.45697224140167236},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.37077611684799194},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.28175827860832214}],"concepts":[{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.8885631561279297},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8619905114173889},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.572408139705658},{"id":"https://openalex.org/C25344961","wikidata":"https://www.wikidata.org/wiki/Q192726","display_name":"Virtual machine","level":2,"score":0.4886961281299591},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.4641052484512329},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.45697224140167236},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.37077611684799194},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.28175827860832214},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2555615","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2555615","pdf_url":null,"source":{"id":"https://openalex.org/S16632050","display_name":"ACM Transactions on Autonomous and Adaptive Systems","issn_l":"1556-4665","issn":["1556-4665","1556-4703"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Autonomous and Adaptive Systems","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.4300000071525574}],"awards":[{"id":"https://openalex.org/G1947073708","display_name":null,"funder_award_id":"CNS-0509061, CNS-0746649, CNS-1117300","funder_id":"https://openalex.org/F4320337388","funder_display_name":"Division of Computer and Network Systems"},{"id":"https://openalex.org/G27867248","display_name":null,"funder_award_id":"FA9550-09-1-0071","funder_id":"https://openalex.org/F4320338279","funder_display_name":"Air Force Office of Scientific Research"}],"funders":[{"id":"https://openalex.org/F4320337388","display_name":"Division of Computer and Network Systems","ror":"https://ror.org/02rdzmk74"},{"id":"https://openalex.org/F4320338279","display_name":"Air Force Office of Scientific Research","ror":"https://ror.org/011e9bt93"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W88694106","https://openalex.org/W1489157620","https://openalex.org/W1516506771","https://openalex.org/W1518067596","https://openalex.org/W1597305440","https://openalex.org/W1674877186","https://openalex.org/W1781758015","https://openalex.org/W1829813581","https://openalex.org/W1844590493","https://openalex.org/W2022740893","https://openalex.org/W2031006315","https://openalex.org/W2033368661","https://openalex.org/W2033811087","https://openalex.org/W2100583963","https://openalex.org/W2106388306","https://openalex.org/W2121542813","https://openalex.org/W2127433253","https://openalex.org/W2148954445","https://openalex.org/W2150042079","https://openalex.org/W2157153057","https://openalex.org/W2159919478","https://openalex.org/W2171770082","https://openalex.org/W4214931895","https://openalex.org/W6638932164"],"related_works":["https://openalex.org/W2065457896","https://openalex.org/W2117112636","https://openalex.org/W2001981265","https://openalex.org/W3173234801","https://openalex.org/W2167984027","https://openalex.org/W3021302227","https://openalex.org/W10630519","https://openalex.org/W1919377569","https://openalex.org/W3144288563","https://openalex.org/W2057670833"],"abstract_inverted_index":{"The":[0,178],"fast-spreading":[1,122],"worm,":[2],"which":[3,208],"immediately":[4],"propagates":[5],"itself":[6],"after":[7],"a":[8,30,55,121,134,143,185],"successful":[9],"infection,":[10],"is":[11,88,101,164,184,205],"becoming":[12],"one":[13],"of":[14,43,77,145,182,191],"the":[15,41,49,59,66,70,74,80,86,91,95,99,106,138,153,189,201],"most":[16],"serious":[17],"threats":[18],"to":[19,65,126,166,188],"today\u2019s":[20],"networked":[21],"information":[22],"systems.":[23],"In":[24,53],"this":[25],"article,":[26],"we":[27,140],"present":[28],"WormTerminator,":[29,54],"host-based":[31],"solution":[32],"for":[33,102,196,219],"fast":[34,103],"Internet":[35,155],"worm":[36,104,115,123,156,169,197],"detection":[37,221],"and":[38,112,147],"containment":[39],"with":[40],"assistance":[42],"virtual":[44,56,71,92,107],"machine":[45,57,72,108],"techniques":[46],"based":[47],"on":[48,222],"fast-worm":[50],"defining":[51],"characteristic.":[52],"cloning":[58],"host":[60,67,87,100],"OS":[61],"runs":[62],"in":[63,171],"parallel":[64],"OS.":[68],"Thus,":[69],"has":[73],"same":[75],"set":[76],"vulnerabilities":[78],"as":[79,128,130],"host.":[81,135],"Any":[82],"outgoing":[83,96,193,217],"traffic":[84,97,218],"from":[85,98],"diverted":[89],"through":[90,207],"machine.":[93],"If":[94],"propagation,":[105],"should":[109],"be":[110],"infected":[111],"will":[113,124,210],"exhibit":[114],"propagation":[116,170],"pattern":[117],"very":[118],"quickly":[119],"because":[120],"start":[125,190],"propagate":[127],"soon":[129],"it":[131],"successfully":[132],"infects":[133],"To":[136,199],"prove":[137],"concept,":[139],"have":[141,148],"implemented":[142],"prototype":[144],"WormTerminator":[146,163,183,209],"examined":[149],"its":[150],"effectiveness":[151],"against":[152],"real":[154],"Linux/Slapper.":[157],"Our":[158],"empirical":[159],"results":[160],"confirm":[161],"that":[162],"able":[165],"completely":[167],"contain":[168],"real-time":[172],"without":[173],"blocking":[174],"any":[175],"non-worm":[176],"traffic.":[177],"major":[179],"performance":[180,202],"cost":[181],"one-time":[186],"delay":[187,211],"each":[192],"normal":[194,216],"connection":[195],"detection.":[198],"reduce":[200],"overhead,":[203],"caching":[204],"utilized,":[206],"no":[212],"more":[213],"than":[214],"6%":[215],"such":[220],"average.":[223]},"counts_by_year":[{"year":2020,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2016,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}