DefinePK

Abstract

Malicious software or malware activity is increasingly threatened the network security as the malicious codes can be easily obtained and can be used as a weapon to gain illegal objectives. Hence, network traffic gathered from a control experiment are explored and features selection method is used to identify the features involved in formulating the malware attack pattern. This paper proposes generalize malware attack pattern in two perspectives which is attacker and victim using traditional worm. This research shall facilitate the authorities in detecting the malware intrusion activities in cyber space while protecting the Critical National Information Infrastructure (CNII) in the country. These generalized malware attack pattern can be extended into research areas in alert correlation and computer forensic investigation.