Comparative analysis of darknet traffic characteristics between darknet sensors

Authors: Falguni Gadhia, Jangwon Choi, Buseung Cho, Jungsuk Song

DOI: 10.1109/ICACT.2015.7224757

Abstract: Today, Internet is incessantly attacked by wide variety of network-based threats. One the ways to monitor or identify such prevailing threats incoming traffic unused network addresses popularly known as darknet and often also referred with various other names like telescope black hole. As, all arriving at mainly result from malicious probing misconfiguration in network. It expected that have similar behaviour across different sensors, however, studies found it different. Various reason cited behind misconfiguration, certain kind attack, difference filtering parameter system itself. However, concrete beside this still missing. In regard, get further understanding, study, we performed deeper comparative analysis between two sensors (KISTI Darknet network) are differently located but configuration. Comparative considering total packet, number source host, targeting destination port protocol revealed there exists characteristics sensors. Moreover, for TCP UDP comparison, showed more particular block (difference sensors), contrast it, scanning (similarity sensor).
