Show simple item record

dc.contributor.advisorCullen, Andrea J.
dc.contributor.advisorWoodward, Mike E.
dc.contributor.authorMohd Saudi, Madihah
dc.date.accessioned2012-04-17T12:08:26Z
dc.date.available2012-04-17T12:08:26Z
dc.date.issued2012-04-17
dc.identifier.urihttp://hdl.handle.net/10454/5410
dc.description.abstractWorms have been improved and a range of sophisticated techniques have been integrated, which make the detection and response processes much harder and longer than in the past. Therefore, in this thesis, a STAKCERT (Starter Kit for Computer Emergency Response Team) model is built to detect worms attack in order to respond to worms more efficiently. The novelty and the strengths of the STAKCERT model lies in the method implemented which consists of STAKCERT KDD processes and the development of STAKCERT worm classification, STAKCERT relational model and STAKCERT worm apoptosis algorithm. The new concept introduced in this model which is named apoptosis, is borrowed from the human immunology system has been mapped in terms of a security perspective. Furthermore, the encouraging results achieved by this research are validated by applying the security metrics for assigning the weight and severity values to trigger the apoptosis. In order to optimise the performance result, the standard operating procedures (SOP) for worm incident response which involve static and dynamic analyses, the knowledge discovery techniques (KDD) in modeling the STAKCERT model and the data mining algorithms were used. This STAKCERT model has produced encouraging results and outperformed comparative existing work for worm detection. It produces an overall accuracy rate of 98.75% with 0.2% for false positive rate and 1.45% is false negative rate. Worm response has resulted in an accuracy rate of 98.08% which later can be used by other researchers as a comparison with their works in future.en_US
dc.description.sponsorshipMinistry of Higher Education, Malaysia and Universiti Sains Islam Malaysia (USIM)en_US
dc.language.isoenen_US
dc.rights<a rel="license" href="http://creativecommons.org/licenses/by-nc-nd/3.0/"><img alt="Creative Commons License" style="border-width:0" src="http://i.creativecommons.org/l/by-nc-nd/3.0/88x31.png" /></a><br />The University of Bradford theses are licenced under a <a rel="license" href="http://creativecommons.org/licenses/by-nc-nd/3.0/">Creative Commons Licence</a>.eng
dc.subjectApoptosisen_US
dc.subjectData miningen_US
dc.subjectSecurity metricsen_US
dc.subjectKnowledge discovery technique (KDD)en_US
dc.subjectStandard Operating Procedures (SOP)en_US
dc.subjectWorm incident responseen_US
dc.subjectStatic analysisen_US
dc.subjectDynamic analysisen_US
dc.subjectWorm rulesen_US
dc.subjectWorm classificationen_US
dc.subjectSTAKCERT modelen_US
dc.subjectWorm detectionen_US
dc.subjectInternet securityen_US
dc.titleA new model for worm detection and response. Development and evaluation of a new model based on knowledge discovery and data mining techniques to detect and respond to worm infection by integrating incident response, security metrics and apoptosis.en_US
dc.type.qualificationleveldoctoralen_US
dc.publisher.institutionUniversity of Bradfordeng
dc.publisher.departmentDepartment of Computing, School of Computing, Informatics and Mediaen_US
dc.typeThesiseng
dc.type.qualificationnamePhDen_US
dc.date.awarded2011
refterms.dateFOA2018-07-19T09:18:06Z


Item file(s)

Thumbnail
Name:
THESIS MBMOHD SAUDI 2011.pdf
Size:
2.732Mb
Format:
PDF

This item appears in the following Collection(s)

Show simple item record