Remote NAT Detect Algorithm Based on Support Vector Machine

Author

Li Rui ; Zhu Hongliang ; Xin Yang ; Yang, Xin ; Wang Cong

Author_Institution

Inf. Security Center, Beijing Univ. of Posts & Telecommun., Beijing, China

fYear

2009

fDate

19-20 Dec. 2009

Firstpage

1

Lastpage

4

Abstract

The Network Address Translation (NAT) technique resolved the IPv4 address shortage problem effectively. Meanwhile, it brings issues to network management. Unauthorized NAT devices may be a significant security problem. Attackers may conduct malicious activities by using computers hidden behind unauthorized NAT. The remote NAT detect algorithm is proposed based on support vector machine method. Different from previous researches, it dose not depend on any special field in any packet. The network traffic is represented by 8 features and filtered by activity value which is calculated by the proposed function. Then, the support vector machine method is applied to analyze the feature vectors and tell which ones are from hosts behind NAT. The implementation shows that the accuracy and specificity of the algorithm is much higher when there are more hosts behind the NAT device.

Keywords

computer network security; support vector machines; telecommunication network management; telecommunication traffic; transport protocols; IPv4 address shortage problem; malicious activity; network address translation technique; network filtering; network management; network traffic; remote NAT detect algorithm; security problem; support vector machine; Clocks; Counting circuits; Intrusion detection; Laboratories; Network address translation; Operating systems; Support vector machine classification; Support vector machines; TCPIP; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Engineering and Computer Science, 2009. ICIECS 2009. International Conference on

Conference_Location

Wuhan

Print_ISBN

978-1-4244-4994-1

Type

conf

DOI

10.1109/ICIECS.2009.5365286

Filename

5365286