Abstract
Active worms have posed a major security threat to the Internet, and many research efforts have focused on them. This paper is interested in internet worm that spreads via TCP, which accounts for the majority of internet traffic. It presents an approach that use a hybrid solution between two detection algorithms: behavior base detection and signature base detection to have the features of each of them. The aim of this study is to have a good solution of detecting worm and stealthy worm with the feature of the speed. This proposal was designed in distributed collaborative scheme based on the small-world network model to effectively improve the system performance.
Copyright: Open Access authors retain the copyrights of their papers, and all open access articles are distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution and reproduction in any medium, provided that the original work is properly cited. The use of general descriptive names, trade names, trademarks, and so forth in this publication, even if not specifically identified, does not imply that these names are not protected by the relevant laws and regulations. While the advice and information in this journal are believed to be true and accurate on the date of its going to press, neither the authors, the editors, nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.