• DocumentCode
    3083520
  • Title

    Automated detection of malicious reconnaissance to enhance network security

  • Author

    Allen, William H. ; Marin, Gerald A. ; Rivera, Luis A.

  • Author_Institution
    Dept. of Comput. Sci., Florida Inst. of Technol., Melbourne, FL, USA
  • fYear
    2005
  • fDate
    8-10 April 2005
  • Firstpage
    450
  • Lastpage
    454
  • Abstract
    Anomaly detection tools currently react to directed attacks during or shortly after they have occurred. Unfortunately, an attack that is detected after it has occurred is, in essence, a successful one. Advance warning of potential attacks could aid in their detection. Before an attack is launched the attacker often performs reconnaissance on the target host or network to learn its vulnerabilities. If malicious network reconnaissance can be detected and identified, it can serve as a warning of future attacks and may provide clues as to the identity of the attacker. This paper presents a novel technique for the automated detection of malicious network reconnaissance in a live network.
  • Keywords
    Internet; computer network management; invasive software; telecommunication security; advance warning; anomaly detection tools; automated detection; malicious reconnaissance; network security; Computer science; Intrusion detection; Marine technology; Monitoring; Network topology; Pattern matching; Protocols; Reconnaissance; Software testing; Telecommunication traffic;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    SoutheastCon, 2005. Proceedings. IEEE
  • Print_ISBN
    0-7803-8865-8
  • Type

    conf

  • DOI
    10.1109/SECON.2005.1423286
  • Filename
    1423286
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3083520