Security techniques for zero day attacks

Udaya Tupakula*, Vijay Varadharajan

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

Abstract

We propose a security architecture to detect and prevent zero day attacks, together with techniques to deal with the polymorphic and metamorphic behaviour of the attacks. The components of our architecture are designed to deal with different types of malicious behaviour. The entity validation component is used for capturing information about the operating system and applications running in the virtual machines, for secure logging, and for detection of attacks that are generated with a spoofed source address. The intrusion detection engine component is used for detection of known attacks and suspicious behaviour of the entities by monitoring the incoming and outgoing traffic of virtual machines. The dynamic analyzer is used for detection and validation of hidden processes, detection of zero day attacks, and fine granular isolation of the malicious process that is generating the attack traffic. After a zero day attack is detected, an interactive VM technique is used to determine whether the zero day attack exhibits polymorphic or metamorphic behaviour and to develop attack signatures to deal with the attacks efficiently.

Original language: English
Title of host publication: IWCMC 2011 - 7th International Wireless Communications and Mobile Computing Conference
Place of Publication: Piscataway, NJ
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Pages: 442-447
Number of pages: 6
ISBN (Print): 9781424495399
Publication status: Published - 2011
Event: 7th International Wireless Communications and Mobile Computing Conference, IWCMC 2011 - Istanbul, Turkey
Duration: 4 Jul 2011 to 8 Jul 2011

Other

Other: 7th International Wireless Communications and Mobile Computing Conference, IWCMC 2011
Country: Turkey
City: Istanbul
Period: 4/07/11 to 8/07/11
