A Characterization of Cybersecurity Posture from Network Telescope Data

Authors: Zhenxin Zhan, Maochao Xu, Shouhuai Xu

DOI: 10.1007/978-3-319-27998-5_7

Abstract: Data-driven understanding of cybersecurity posture is an important problem that has not been adequately explored. In this paper, we analyze some real data collected by CAIDA's network telescope during the month March 2013. We propose to formalize concept from perspectives three kinds time series: number victims i.e., IP addresses are attacked, attackers observed telescope, and attacks telescope. Characterizing therefore becomes investigating phenomena statistical properties exhibited these series, explaining their meanings. For example, sweep-time, show sweep-time should be modeled stochastic process, rather than random variable. report a certain country dominates total also substantially smaller telescopes might as useful large
