Presentation | 2005-07-21 A Study on Host Profiling for Incident Analysis Kazuya Ohkouchi, Kenji Rikitake, Koji Nakao, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Profiling is a process to disclose implicit characteristics of a pre-processed data set as the attribute columns. In this paper, we first propose the issues to resolve and applicable scenarios for profiling the implicit characteristics of a security attack based on the packet-capture logs including the IP addresses of the attacking sources. We then show a specific example of a DDoS attack analysis, which discloses implicit characteristics of the involving computer virus by applying the proposed profiling method. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Incident / Profiling / DDoS / Log Analysis |
Paper # | ISEC2005-21,SITE2005-19 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2005/7/14(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | A Study on Host Profiling for Incident Analysis |
Sub Title (in English) | |
Keyword(1) | Incident |
Keyword(2) | Profiling |
Keyword(3) | DDoS |
Keyword(4) | Log Analysis |
1st Author's Name | Kazuya Ohkouchi |
1st Author's Affiliation | National Institute of Information and Communications Technology:Hitachi, Ltd.() |
2nd Author's Name | Kenji Rikitake |
2nd Author's Affiliation | National Institute of Information and Communications Technology |
3rd Author's Name | Koji Nakao |
3rd Author's Affiliation | National Institute of Information and Communications Technology:KDDI Corporation |
Date | 2005-07-21 |
Paper # | ISEC2005-21,SITE2005-19 |
Volume (vol) | vol.105 |
Number (no) | 193 |
Page | pp.pp.- |
#Pages | 8 |
Date of Issue |