Title :
A probabilistic approach to detecting network scans
Author :
Leckie, C. ; Kotagiri, R.
Author_Institution :
Dept. of Electr. & Electron. Eng., Melbourne Univ., Parkville, Vic., Australia
Abstract :
This paper presents a probabilistic approach for detecting network scans in real-time. Unlike previous approaches, our model takes into consideration both the number of destinations or ports accessed by a source, as well as how unusual these accesses are. We demonstrate the effectiveness of our approach in terms of accuracy and throughput, based on an analysis of the unusual sources that were found in real-life packet trace files.
Keywords :
packet switching; probability; security of data; telecommunication network management; accuracy; anomaly detection; probabilistic detection algorithm; real-life packet trace files; real-time network scans detection; security management; signature detection; throughput; Intelligent networks; Intrusion detection; Network topology; Operating systems; Performance analysis; Security; Software systems; Telecommunication traffic; Throughput; Traffic control;
Conference_Title :
Network Operations and Management Symposium, 2002. NOMS 2002. 2002 IEEE/IFIP
Print_ISBN :
0-7803-7382-0
DOI :
10.1109/NOMS.2002.1015594