| Presentation | 2009-11-13 A Consideration of Feature Extraction for Attacks on Darknet Yoshiro FUKUSHIMA, Yoshiaki HORI, Kouichi SAKURAI, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Network monitoring is very important to early detect and defend the threats in the Internet caused by worm's scanning activities and DDoS attacks. However, it is difficult to detect the subtle attacks which send only a few packets because these small traffic are missed by other traffic. Moreover, it is said that attacks by recent botnets are carried out on a small scale, so it is important to detect and analyze such the subtle attacks. In this paper, we propose the method which focuses on the average number of packets sent by a source address and its frequency of appearances. Besides, we apply our proposal to the traffic observed in darknet, and we consider the result by cluster analysis to the obtained result. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Darknet Monitoring / Incident Detection / Slow Scan Detection / Botnet / Cluster Analysis |
| Paper # | ICSS2009-60 |
| Date of Issue |
| Conference Information | |
| Committee | ICSS |
|---|---|
| Conference Date | 2009/11/6(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information and Communication System Security (ICSS) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Consideration of Feature Extraction for Attacks on Darknet |
| Sub Title (in English) | |
| Keyword(1) | Darknet Monitoring |
| Keyword(2) | Incident Detection |
| Keyword(3) | Slow Scan Detection |
| Keyword(4) | Botnet |
| Keyword(5) | Cluster Analysis |
| 1st Author's Name | Yoshiro FUKUSHIMA |
| 1st Author's Affiliation | Graduate School of Information Science and Electrical Engineering, Kyushu University:Faculty of Information Science and Electrical Engineering, Kyushu University() |
| 2nd Author's Name | Yoshiaki HORI |
| 2nd Author's Affiliation | Graduate School of Information Science and Electrical Engineering, Kyushu University:Faculty of Information Science and Electrical Engineering, Kyushu University |
| 3rd Author's Name | Kouichi SAKURAI |
| 3rd Author's Affiliation | Graduate School of Information Science and Electrical Engineering, Kyushu University:Faculty of Information Science and Electrical Engineering, Kyushu University |
| Date | 2009-11-13 |
| Paper # | ICSS2009-60 |
| Volume (vol) | vol.109 |
| Number (no) | 285 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |