Date of Graduation
Statler College of Engineering and Mineral Resources
Lane Department of Computer Science and Electrical Engineering
Self-propagating malicious mobile code, or worms, has become a major threat to modern computer systems. As these types of viruses thrive in a networked computing environment, they have exploded in popularity in recent years.;Modern defenses have proved inadequate in protecting computer systems from the worm threat. The most often used remedy is a signature-based detection system that scans each incoming network packet for the presence of a signature identifying a specific worm. As a new worm or variant of an existing worm is released, this signature set must be updated to include definitions for the new worm or variant.;In this thesis we propose a heuristic-based system for worm detection. This system should be able to detect many different worms and worm variants using only a small heuristic set. The use of heuristics also should eliminate the need to update the rule set as new worms or worm variants are released.
Twardus, Jesse, "The use of heuristics in identifying self-propagating malicious mobile code" (2005). Graduate Theses, Dissertations, and Problem Reports. 3208.