Nagaonkar et al., 2008 - Google Patents
Detecting stealthy scans and scanning patterns using threshold random walk
Nagaonkar et al., 2008
- Document ID
- 2535093728757004491
- Author
- Nagaonkar V
- Mchugh J
- Publication year
Snippet
Scanning is a precursor to many intrusions and attacks. In the absence of insider or public information about a target network, scanning is the first step in obtaining basic information about the target network. Detecting these initial scans may allow defenders to block potential …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Similar Documents
Publication | Title | Publication Date |
---|---|---|
Ndatinya et al. | Network forensics analysis using Wireshark | |
Yen et al. | Traffic aggregation for malware detection | |
Almutairi et al. | Hybrid botnet detection based on host and network analysis | |
Li et al. | A survey of internet worm detection and containment | |
Wang et al. | Honeypot detection in advanced botnet attacks | |
Whyte et al. | DNS-based Detection of Scanning Worms in an Enterprise Network. | |
Acarali et al. | Survey of approaches and features for the identification of HTTP-based botnet traffic | |
Hunt et al. | Network forensics: an analysis of techniques, tools, and trends | |
Ling et al. | TorWard: Discovery of malicious traffic over Tor | |
Griffioen et al. | Discovering Collaboration: Unveiling Slow, Distributed Scanners based on Common Header Field Patterns. | |
Bou-Harb et al. | Multidimensional investigation of source port 0 probing | |
Hindy et al. | A taxonomy of malicious traffic for intrusion detection systems | |
Jeyanthi | Internet of things (IoT) as interconnection of threats (IoT) | |
Nagesh et al. | A survey on denial of service attacks and preclusions | |
Ghorbani et al. | Network attacks | |
Nagaonkar et al. | Detecting stealthy scans and scanning patterns using threshold random walk | |
Jung | Real-time detection of malicious network activity using stochastic models | |
EP3595257B1 (en) | Detecting suspicious sources, e.g. for configuring a distributed denial of service mitigation device | |
Prabadevi et al. | Lattice structural analysis on sniffing to denial of service attacks | |
US20050147037A1 (en) | Scan detection | |
Bhuyan et al. | Practical tools for attackers and defenders | |
Tesfahun et al. | Botnet detection and countermeasures-a survey | |
Whyte | Network scanning detection strategies for enterprise networks | |
Verwoerd et al. | Security architecture testing using IDS—a case study | |
Chavan et al. | Modelling and detection of camouflaging worms—a survey |