
Design Principle of IIDPS

S Murugan

Abstract


Research on unknown malware is a domain where terminology is subject to ongoing discussion. Providing a standard naming scheme for unknown malware is an open problem that different organizations are trying to address. Finding unknown malware requires known families: during identification, the family and characteristics are matched against the known ones, and if no match is found, an update is made using online batches. Standardization progress can be found at the Computer Antivirus Researcher's Organization (CARO), the Common Malware Enumeration Initiative (CME) or the European Institute for Computer Antiviral Research (EICAR). In the earlier chapter, a literature review of the existing models for identifying unknown malware was carried out. The Intrusion Detection Systems (IDSs) found in the literature survey are effective only at identifying and detecting known network attacks and are unable to evaluate the risk of a network service. To overcome the limitations of existing IDSs, this paper proposes IIDPS (Intelligence Intrusion Detection Prevention System), a new active defense system with intelligence principles for detecting and preventing unknown malware. This system fulfills security objectives such as authenticity, confidentiality, integrity, availability and non-repudiation.

Keywords: Computer Antivirus Researcher's Organization, Intelligence Intrusion Detection Prevention System, Common Malware Enumeration Initiative, European Institute for Computer Anti-viral Research
