DocumentCode
2976447
Title
Graph-based analysis in network security
Author
Collins, M. Patrick
Author_Institution
Redjack, LLC, Silver Spring, MD, USA
fYear
2011
fDate
7-10 Nov. 2011
Firstpage
1333
Lastpage
1337
Abstract
Traffic graph analysis has become an increasingly useful tool in network security. By summarizing the aggregate activity of a particular service or network using graph based representations, it is possible to model normal activity using a variety of different attributes which are not easily identified or exploited by attackers. In this paper, we discuss several examples of analysis using traffic graphs and demonstrate its potential for scan detection, identifying hitlist attackers, and identifying spammers.
Keywords
graph theory; telecommunication networks; telecommunication security; telecommunication traffic; hitlist attacker identification; network security; scan detection; spammer identification; traffic graph analysis; Aggregates; Analytical models; IP networks; Intrusion detection; Servers; Social network services;
fLanguage
English
Publisher
ieee
Conference_Titel
MILITARY COMMUNICATIONS CONFERENCE, 2011 - MILCOM 2011
Conference_Location
Baltimore, MD
ISSN
2155-7578
Print_ISBN
978-1-4673-0079-7
Type
conf
DOI
10.1109/MILCOM.2011.6127488
Filename
6127488
Link To Document