Presentation | 2017-03-13 Clustering of Bot Port Scan and Brute-force Activities Shohei Araki, Bo Hu, Yukio Nagafuchi, Takaaki Koyama, Jun Miyoshi, Hajime Shimada, Hiroki Takakura, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Cyber-attacks targeting IoT devices are rapidly spreading. In September 2016, malware called Mirai caused great damages onto the Internet. It is important to clarify malware activities for early-stage measures. In this paper, we propose a clustering method of extracting host groups suspected of similar malware infection. The proposed method decide a high priority port number for narrowing down traffic data efficiently, and then perform clustering for extracting malicious host groups behaving in similar ways. Our proposal can facilitate decision-making of security operators for counter measures in an early stage. In experiment, we showed a holistic view of malicious activities from different host groups and high accuracy achieved by our classification |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Clustering / Port Scan / Brute-force attack / bot classfication / IoT |
Paper # | ICSS2016-46 |
Date of Issue | 2017-03-06 (ICSS) |
Conference Information | |
Committee | ICSS / IPSJ-SPT |
---|---|
Conference Date | 2017/3/13(2days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | University of Nagasaki |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | System Security, etc. |
Chair | Yutaka Miyake(KDDI R&D Labs.) |
Vice Chair | Yoshiaki Shiraishi(Kobe Univ.) / Takeshi Ueda(Mitsubishi Electric) |
Secretary | Yoshiaki Shiraishi(NII) / Takeshi Ueda(Yokohama National Univ.) |
Assistant | Kazunori Kamiya(NTT) / Takahiro Kasama(NICT) |
Paper Information | |
Registration To | Technical Committee on Information and Communication System Security / Special Interest Group on Security Psychology and Trust |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Clustering of Bot Port Scan and Brute-force Activities |
Sub Title (in English) | |
Keyword(1) | Clustering |
Keyword(2) | Port Scan |
Keyword(3) | Brute-force attack |
Keyword(4) | bot classfication |
Keyword(5) | IoT |
1st Author's Name | Shohei Araki |
1st Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
2nd Author's Name | Bo Hu |
2nd Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
3rd Author's Name | Yukio Nagafuchi |
3rd Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
4th Author's Name | Takaaki Koyama |
4th Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
5th Author's Name | Jun Miyoshi |
5th Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
6th Author's Name | Hajime Shimada |
6th Author's Affiliation | Nagoya University(Nagoya Univ.) |
7th Author's Name | Hiroki Takakura |
7th Author's Affiliation | National Institute of Informatics(NII) |
Date | 2017-03-13 |
Paper # | ICSS2016-46 |
Volume (vol) | vol.116 |
Number (no) | ICSS-522 |
Page | pp.pp.1-6(ICSS), |
#Pages | 6 |
Date of Issue | 2017-03-06 (ICSS) |