Title :
Scan attack detection based on distributed cooperative model
Author :
Zhang, Wei ; Teng, Shaohua ; Xiufen Fu
Author_Institution :
Guangdong Univ. of Technol., Guangzhou
Abstract :
Researchers have done a great deal of work on scan attack detection, and various methods have been proposed. Although these methods can defend against some scan attacks from hackers to some degree, they produce many missed detections and false alerts. In particular, current intrusion detection systems have difficulty meeting the demands of large-scale distributed networks. After careful study of network topological architecture and of scan attack methods and mechanisms, we find that scan attacks always happen at the network layer and the transport layer. We therefore propose a scan detection method based on a distributed cooperative model. It is composed of feature-based detection, scenario-based detection and statistic-based detection. The experimental results show that this method has obvious advantages: it can efficiently detect more scan attacks.
Keywords :
cooperative systems; security of data; distributed cooperative model; feature-based detection; intrusion detection systems; large-scale distributed network; network topological architecture; scan attack detection; scan detection method; statistic-based detection; Computer crime; Computer hacking; Computer vision; Expert systems; Intrusion detection; Large-scale systems; Packaging; SPICE; Throughput; Training data; CSCW; Scenario-based detection; data fusion; feature-based detection; scan attack; statistic-based detection;
Conference_Title :
Computer Supported Cooperative Work in Design, 2008. CSCWD 2008. 12th International Conference on
Conference_Location :
Xi'an
Print_ISBN :
978-1-4244-1650-9
Electronic_ISBN :
978-1-4244-1651-6
DOI :
10.1109/CSCWD.2008.4537071