Abstract
With the increased proliferation of the Internet, many of our activities depend on its services, and hackers cause particular services to malfunction. In this work, we present a graph-based approach that analyzes network data for structural patterns. We collect data about various attributes of computers within a network using the Nmap (Network Mapper) tool and aggregate this information into graphs. Our approach first reports the normative patterns in the data and then discovers any anomalous patterns associated with the previously discovered patterns; i.e., we are able to detect potential vulnerabilities, outdated services, as well as unauthorized ones. Our approach is well suited to settings where the complete profile of the computer infrastructure is available beforehand; we can then alert the network administrator so that attackers are prevented from exploiting potential vulnerabilities in the infrastructure.
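The pipeline described above, as an added example that is not the authors' code: it builds one small graph per host from Nmap grepable (`-oG`) output, treats the edges shared by most hosts as the normative pattern, and reports hosts that deviate from it. The frequency threshold is a simplified stand-in for the paper's graph-based pattern discovery; the sample scan, the function names and the `support` parameter are assumptions.

```python
from collections import Counter

# Constructed sample in Nmap grepable (-oG) format; hosts and versions are made up.
SCAN = "\n".join([
    "Host: 10.0.0.11 ()\tPorts: 22/open/tcp//ssh//OpenSSH 7.4/, 80/open/tcp//http//nginx 1.14.0/",
    "Host: 10.0.0.12 ()\tPorts: 22/open/tcp//ssh//OpenSSH 7.4/, 80/open/tcp//http//nginx 1.14.0/",
    "Host: 10.0.0.13 ()\tPorts: 22/open/tcp//ssh//OpenSSH 7.4/, 80/open/tcp//http//nginx 1.14.0/",
    "Host: 10.0.0.14 ()\tPorts: 22/open/tcp//ssh//OpenSSH 5.3/, 80/open/tcp//http//nginx 1.14.0/",
    "Host: 10.0.0.15 ()\tPorts: 22/open/tcp//ssh//OpenSSH 7.4/, 23/open/tcp//telnet//Linux telnetd/, 80/open/tcp//http//nginx 1.14.0/",
])

def parse_grepable(text):
    """Return {host: set of (port/proto, service, version) edges} for open ports."""
    graphs = {}
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # skip comments and "Status:" lines
        host = line.split()[1]
        ports = line.split("Ports:", 1)[1].split("\t")[0].strip()
        edges = set()
        for entry in ports.split(", "):
            f = entry.split("/")  # port/state/proto/owner/service/rpcinfo/version/
            if len(f) >= 7 and f[1] == "open":
                edges.add((f"{f[0]}/{f[2]}", f[4], f[6]))
        graphs[host] = edges
    return graphs

def normative_pattern(graphs, support=0.5):
    """Edges present on more than `support` of all hosts (assumed threshold)."""
    counts = Counter(e for edges in graphs.values() for e in edges)
    return {e for e, n in counts.items() if n / len(graphs) > support}

def find_anomalies(graphs, pattern):
    """Per host: edges that modify, extend, or are missing from the pattern."""
    norm_ports = {p for p, _, _ in pattern}
    report = {}
    for host, edges in graphs.items():
        seen_ports = {p for p, _, _ in edges}
        # Same port as the pattern but different service/version: outdated-service candidate.
        found = [("modified" if p in norm_ports else "unexpected", p, s, v)
                 for p, s, v in sorted(edges - pattern)]
        found += [("missing", p, s, v) for p, s, v in sorted(pattern - edges)
                  if p not in seen_ports]
        if found:
            report[host] = found
    return report

if __name__ == "__main__":
    graphs = parse_grepable(SCAN)
    for host, found in find_anomalies(graphs, normative_pattern(graphs)).items():
        print(host, found)
```

A "modified" finding corresponds to a service whose version departs from the fleet norm, and an "unexpected" finding to a service outside the normative profile, matching the outdated and unauthorized cases the abstract names.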
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Velampalli, S., Saxena, A. (2019). A Graph-Based Approach for IP Network Analysis. In: Peng, SL., Dey, N., Bundele, M. (eds) Computing and Network Sustainability. Lecture Notes in Networks and Systems, vol 75. Springer, Singapore. https://doi.org/10.1007/978-981-13-7150-9_20
DOI: https://doi.org/10.1007/978-981-13-7150-9_20
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-7149-3
Online ISBN: 978-981-13-7150-9
eBook Packages: Engineering, Engineering (R0)