| IEICE Technical Committee Submission System Conference Paper's Information |
Online Proceedings [Sign in] Tech. Rep. Archives |
| Go Top Page | Go Previous | [Japanese] / [English] |
| Paper Abstract and Keywords | ||
| Presentation | 2020-03-03 16:15 A Portscan Detection Based on Low-rankness of Destination Port Matrices Hiroki Nousou, Masao Yamagishi, Isao Yamada (Tokyo Tech)  EA2019-167 SIP2019-169 SP2019-116 |
|
| Abstract | (in Japanese) | (See Japanese page) |
| (in English) | The detection of port scans as possible preliminaries to more serious attacks is important for system administrators and other network defenders. However classifying port scan from backscatter as a side-effect of DoS attack has been a major burden to detect scans with high precision. In this report, we present an idea to resolve this issue. We newly introduce a set of flows, named the PB-flow bundle, which satisfies certain common features of port scans and backscatters, and then define a destination port matrix of which column indicates the distribution of destination ports of each PB-flow bundle. By observing that (i) the destination port matrix corresponding to port scan tends to have low rank, and (ii) each column of the destination port matrix corresponding to backscatter tends to show low coherence with destination ports of other PB-flow bundles, we propose a portscan detection method based on a decomposition of a given destination port matrix into sum of low rank and low coherent matrices. The matrix decomposition is realized by applying Douglas-Rachford splitting algorithm to a convexly relaxed optimization problem. Numerical experiments show the effectiveness of the proposed method. | |
| Keyword | (in Japanese) | (See Japanese page) |
| (in English) | Portscan detection / Backbone network / Backscatter / PB-flow bundle / Destination port matrix / Low-rankness / Convex optimization / | |
| Reference Info. | IEICE Tech. Rep., vol. 119, no. 440, SIP2019-169, pp. 385-390, March 2020. | |
| Paper # | SIP2019-169 | |
| Date of Issue | 2020-02-24 (EA, SIP, SP) | |
| ISSN | Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 | |
| Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) | |
| Download PDF | EA2019-167 SIP2019-169 SP2019-116 |
|
| Conference Information | |
| Committee | SP EA SIP |
| Conference Date | 2020-03-02 - 2020-03-03 |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Okinawa Industry Support Center |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Paper Information | |
| Registration To | SIP |
| Conference Code | 2020-03-SP-EA-SIP |
| Language | Japanese |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Portscan Detection Based on Low-rankness of Destination Port Matrices |
| Sub Title (in English) | |
| Keyword(1) | Portscan detection |
| Keyword(2) | Backbone network |
| Keyword(3) | Backscatter |
| Keyword(4) | PB-flow bundle |
| Keyword(5) | Destination port matrix |
| Keyword(6) | Low-rankness |
| Keyword(7) | Convex optimization |
| Keyword(8) | |
| 1st Author's Name | Hiroki Nousou |
| 1st Author's Affiliation | Tokyo Institute of Technology (Tokyo Tech) |
| 2nd Author's Name | Masao Yamagishi |
| 2nd Author's Affiliation | Tokyo Institute of Technology (Tokyo Tech) |
| 3rd Author's Name | Isao Yamada |
| 3rd Author's Affiliation | Tokyo Institute of Technology (Tokyo Tech) |
| 4th Author's Name | |
| 4th Author's Affiliation | () |
| 5th Author's Name | |
| 5th Author's Affiliation | () |
| 6th Author's Name | |
| 6th Author's Affiliation | () |
| 7th Author's Name | |
| 7th Author's Affiliation | () |
| 8th Author's Name | |
| 8th Author's Affiliation | () |
| 9th Author's Name | |
| 9th Author's Affiliation | () |
| 10th Author's Name | |
| 10th Author's Affiliation | () |
| 11th Author's Name | |
| 11th Author's Affiliation | () |
| 12th Author's Name | |
| 12th Author's Affiliation | () |
| 13th Author's Name | |
| 13th Author's Affiliation | () |
| 14th Author's Name | |
| 14th Author's Affiliation | () |
| 15th Author's Name | |
| 15th Author's Affiliation | () |
| 16th Author's Name | |
| 16th Author's Affiliation | () |
| 17th Author's Name | |
| 17th Author's Affiliation | () |
| 18th Author's Name | |
| 18th Author's Affiliation | () |
| Speaker | Author-1 |
| Date Time | 2020-03-03 16:15:00 |
| Presentation Time | 25 minutes |
| Registration for | SIP |
| Paper # | EA2019-167, SIP2019-169, SP2019-116 |
| Volume (vol) | vol.119 |
| Number (no) | no.439(EA), no.440(SIP), no.441(SP) |
| Page | pp.385-390 |
| #Pages | 6 |
| Date of Issue | 2020-02-24 (EA, SIP, SP) |
[Return to Top Page]