近年来，蠕虫逐渐成为一种主要的网络威胁．文中针对现有蠕虫检测算法误检率高的问题，提出了一种基于相似度分析的蠕虫检测算法．该算法通过分析异常数据序列与蠕虫行为特征之间的相似性，实现对基本累计异常行为特征检测算法的优化; 同时，考虑到复杂的网络环境，利用卡尔曼滤波器的预测功能实现对检测阈值的动态调整．仿真结果表明，与基本累计异常行为特征检测算法相比，文中算法能够有效地降低误检率，提高检测的精度．

In recent years,worms have gradually become serious security threats to Internet. However,the existing detection algorithms of worms are insufficient due to their high false detection rate. In order to solve this problem,a similarity-based detection algorithm of worms is proposed,which optimizes the basic cumulative abnormal detection algorithm by analyzing the similarity of abnormal data series to worm scanning characteristics,and dynamically
adapt the detection threshold to complex network environments using a Kalman filter. Simulated results indicate that,as compared with the basic cumulative abnormal detection algorithm,the proposed algorithm is more effective because it reduces the false detection rate and improves the detection accuracy.