Knowledge discovery of port scans from darknet

Authors: Sofiane Lagraa, Jerome Francois

DOI: 10.23919/INM.2017.7987415

Abstract: Port scanning is widely used in the Internet prior to attacks in order to identify accessible and potentially vulnerable hosts. In this work, we propose an approach that allows to discover port behavior patterns and group properties of scans. This is based on graph modelling and mining. It provides security analysts relevant information on what services are jointly targeted and the relationship of the scanned ports. This is helpful to assess the skills and strategy of the attacker. We applied our method to data collected from a large darknet, i.e. a full /20 network where no machines or services have been hosted, to study scanning activities.
