Detecting Internal Worm Attacks – jNetworm

Researchers:
Dr. Rahmat Budiarto
Assoc. Prof. Sureswaran Ramadass
Azlan Osman
Muhammad Fermi Pasha
Aw Chen Loong
Lo Peng Foo
Cheng Han Pin

jNetworm is a multi-platform application that continuously monitors a LAN and pinpoints the sources of worms in it. It is developed using Java and Eclipse Rich Client Platform (RCP) technologies and thus does not depend on any specific platform. It uses event correlation techniques in the worm pattern matching process to detect false positive alarms more accurately. It also has built-in operations to sort the database, and packet filtering to examine only potential worm packets, in order to speed up the scanning process.

Current commercial products only protect against worms at the gateway and end-host levels. However, there are still security holes in such protection. If a worm manages to get into the LAN, users in networks with patched and anti-virus-protected machines will still succumb to worm attacks from infected machines.

jNetworm covers the holes that remain in the network. When a worm is detected in the network, an alarm is presented, and users are also able to view the worm's detailed information using jNetworm's built-in web browser.

For more information, please contact:
Dr Rahmat Budiarto
School of Computer Sciences
Universiti Sains Malaysia

Published: 31 Dec 2006

Contact details:

Universiti Sains Malaysia 11800 Minden Penang

++604-6533888 (Main Campus), ++609-7651704/00/11(Health Campus), ++604-5937788 (Engineering Campus)