Abstract
This paper reports a statistical analysis of portsweeps, especially slow portsweeps. Since analyzing slow portsweeps requires traffic data covering a long span, we collected traffic data for twenty-five months using one PC with sixteen IP addresses on a network interface. The results reported in this paper seem useful for network attack detection or protection, especially for long-span network attacks.
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yoshiura, N. (2008). Statistical Analysis of Slow Portsweep. In: Ma, Y., Choi, D., Ata, S. (eds) Challenges for Next Generation Network Operations and Service Management. APNOMS 2008. Lecture Notes in Computer Science, vol 5297. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88623-5_54
DOI: https://doi.org/10.1007/978-3-540-88623-5_54
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88622-8
Online ISBN: 978-3-540-88623-5
eBook Packages: Computer Science (R0)