• DocumentCode
    64968
  • Title

    Scan detection under sampling: a new perspective

  • Author

    Paredes-Oliva, I. ; Barlet-Ros, Pere ; Sole-Pareta, Josep

  • Author_Institution
    Univ. Politec. de Catalunya BarcelonaTech, Barcelona, Spain
  • Volume
    46
  • Issue
    4
  • fYear
    2013
  • fDate
    Apr-13
  • Firstpage
    38
  • Lastpage
    44
  • Abstract
    In tests using the same fraction of packets for comparison, packet sampling outperformed flow sampling for scan detection, while both selective sampling and a proposed extension that uses significantly less resources were superior to either of these techniques. The Web extra at http://youtu.be/Mgf8_a0fRs0 is a slide show that considers how in tests using the same fraction of packets for comparison, packet sampling outperformed flow sampling for scan detection, while both selective sampling and a proposed extension that uses significantly less resources were superior to either technique.
  • Keywords
    security of data; flow sampling; packet sampling; scan detection; selective sampling; Computer crime; Computer security; Detection algorithms; Memory management; Monitoring; Sampling methods; network security; scan detection; traffic sampling;
  • fLanguage
    English
  • Journal_Title
    Computer
  • Publisher
    ieee
  • ISSN
    0018-9162
  • Type

    jour

  • DOI
    10.1109/MC.2013.70
  • Filename
    6468028
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=64968