| Presentation | 2012-03-09 Expanding Darknet Space with Virtual Sensors Kazuhiro TOBE, Shigeki GOTO, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Only anomalous traffic can be monitored in a network consisting of assigned but unused IP addresses (darknet). Although a darknet requires a large amount of IP addresses, it is difficult to acquire unused IP address space dedicated to network monitoring on a large scale. Some studies have proposed automatically detecting unused IP addresses (Virtual Dark IP addresses, VDIPs) and port numbers (Virtual Dark Ports, VDPs) as virtual sensors leveraged to monitor the network. Nevertheless, quantitative analyses on virtual sensor space have been incomplete. The purpose of this study is to expand virtual sensor space using features on the usage of IP addresses and port numbers. Also, this study aims to shorten the processing time to detect virtual sensors automatically. Our key findings from several evaluation experiments in an actual network with the /16 prefix are as follows: Setting appropriate parameters in the VDIP detection algorithm, the processing time can be reduced more than half without decreasing the number of VDIPs, the false detection of VDIPs can be moderated, and the changes in used IP addresses over time can be reflected into virtual sensor space; also, virtual sensor space consisting of VDPs can cover up to 99.98 percent of the network and expand the coverage of virtual sensor space consisting of VDIPs by up to 6.84 points. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | network security / network monitoring / darknet / virtual sensor |
| Paper # | IN2011-189 |
| Date of Issue |
| Conference Information | |
| Committee | IN |
|---|---|
| Conference Date | 2012/3/1(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information Networks (IN) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Expanding Darknet Space with Virtual Sensors |
| Sub Title (in English) | |
| Keyword(1) | network security |
| Keyword(2) | network monitoring |
| Keyword(3) | darknet |
| Keyword(4) | virtual sensor |
| 1st Author's Name | Kazuhiro TOBE |
| 1st Author's Affiliation | Graduate School of Fundamental Science and Engineering, Waseda University() |
| 2nd Author's Name | Shigeki GOTO |
| 2nd Author's Affiliation | Graduate School of Fundamental Science and Engineering, Waseda University |
| Date | 2012-03-09 |
| Paper # | IN2011-189 |
| Volume (vol) | vol.111 |
| Number (no) | 469 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |