Big Data Sanitization and Cyber Situational Awareness: A Network Telescope Perspective

Authors: Elias Bou-Harb, Martin Husak, Mourad Debbabi, Chadi Assi

DOI: 10.1109/TBDATA.2017.2723398

Keywords: Computer science; Data modeling; The Internet; Big data; Situation awareness; Darknet; Formal methods; Raw data; Computer security; Network telescope

Abstract: This paper addresses the problems of data sanitization and cyber situational awareness by analyzing 910 GB of real Internet-scale traffic, which has been passively collected by monitoring close to 16.5 million darknet IP addresses from a /8 and a /13 network telescope. First, the paper offers a novel probabilistic preprocessing model, which aims at sanitizing darknet data to prepare it for effective use in the task of threat intelligence generation. Such a model is engineered using a distributed multithreaded approach, rendering it operational and highly effective on big data. Second, the paper further contributes by presenting an innovative approach to infer large-scale orchestrated probing campaigns by leveraging darknet data, rendering Internet-scale situational awareness. The approach uniquely reduces the dimensionality of such data by utilizing its artifacts, instead of processing the actual raw data. This is accomplished by extracting and analyzing time series by employing formal methods rooted in the Fourier transform and Kalman filtering. Thorough empirical evaluations indeed validate the accuracy and performance of the proposed techniques. We assert that the proposed sanitization model and the orchestration inference approach are of significant value, given their postulated applicable nature in the field of Internet measurements for cyber security in the big data era.
