Network surveillance for detecting intrusions

Makoto Iguchi, Shigeki Goto

    研究成果: Conference contribution

    4 被引用数 (Scopus)

    抄録

    The paper proposes a network surveillance method for detecting malicious activities. Based on the hypothesis that unusual conducts like system exploitation will trigger an abnormal network traffic, we try to detect this anomalous traffic pattern as a sign of malicious, or at least suspicious activities. Capturing and analyzing of a network traffic pattern is implemented with an idea of port profiling, where measures representing various characteristics of connections are monitored and recorded for each port. Though the generation of the port profiles requires a small amount of calculation, they exhibit high stability and robustness. By comparing the pattern exhibited by live traffic with the expected behavior recorded in the profile, intrusive activities like compromising backdoors or invoking trojan programs are successfully detected.

    本文言語English
    ホスト出版物のタイトル1999 Internet Workshop, IWS 1999
    出版社Institute of Electrical and Electronics Engineers Inc.
    ページ99-106
    ページ数8
    ISBN(電子版)0780359259, 9780780359253
    DOI
    出版ステータスPublished - 1999 1月 1
    イベント1999 Internet Workshop, IWS 1999 - Suita, Osaka, Japan
    継続期間: 1999 2月 181999 2月 20

    Other

    Other1999 Internet Workshop, IWS 1999
    国/地域Japan
    CitySuita, Osaka
    Period99/2/1899/2/20

    ASJC Scopus subject areas

    • 情報システムおよび情報管理
    • ハードウェアとアーキテクチャ
    • コンピュータ ネットワークおよび通信

    フィンガープリント

    「Network surveillance for detecting intrusions」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

    引用スタイル