Title :
Analysis of anomaly packet´s feature based on honeypot
Author :
Xinliang, Wang ; Fang, Liu ; Luying, Chen ; Zhenming, Lei
Author_Institution :
Sch. of Inf. & Commun. Eng., Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
The deep study of anomaly feature based on the particular server was made in this paper. By continuously monitoring on the honeypot deployed in Internet Data Center for more than two months, the experimental results were summarized and some initial exploratory models were built. The models show that the number of attackers for the main attack types and ports can be described by normal distribution; meanwhile, the average packet number that each attacker generates per day can be described by log-normal distribution. This research aims to contribute to endeavor in the wider security research community to build methods and obtain some statistical models, grounded on strong empirical work, for assessment of the robustness of systems in hostile environments, and the anomaly traffic sampling, detection and classification on the backbone.
Keywords :
Internet; computer centres; computer network management; log normal distribution; normal distribution; security of data; statistical analysis; Internet data center; anomaly traffic sampling; log-normal distribution; security research community; statistical model; Gaussian distribution; Internet; Log-normal distribution; Monitoring; Robustness; Sampling methods; Security; Spine; Traffic control; Web server; Anomaly detection; Anomaly feature; Heavy-tail; Honeypot;
Conference_Titel :
Broadband Network & Multimedia Technology, 2009. IC-BNMT '09. 2nd IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-4590-5
Electronic_ISBN :
978-1-4244-4591-2
DOI :
10.1109/ICBNMT.2009.5348493
