Analysis of Techniques for Detection and Removal of Zero-Day Attacks (ZDA)

Analysis of Techniques for Detection and Removal of Zero-Day Attacks (ZDA)

연구 분야: Strategies

학회: International Conference on Ubiquitous Security

Zero-day attacks (ZDAs) are previously unknown flaws and errors in operating systems, networks, and general-purpose software. ZDAs are the cause to open security breach holes for external users or hackers for illegal operations before patches. ZDAs are different from viruses, worms and Trojans. They are very difficult to detect and remove because they are unknown to users and even programmers. Conventional defense systems are useless against such types of attacks. This paper investigates the zero-day attacks, their vulnerabilities, the intensity of these attacks and the reasons in a real-time environment. Different techniques are compared to investigate ZDAs. The hybrid technique has been used to check the behavior of data traffic coming from outside the world in the virtual environment for zero-day attacks. Static check tools (MD5 Checksum, AV-Suite, and SOPHOS) and behavioral check tools (SANDBOX) have been used for the verification and validation of results. The second comparatively best technique is Machine Learning-Based Technique which showed the best results. The results show how to choose the best solution against zero-day attacks in the real-time environment of the software.