ERA

Download the full-sized PDF of Detecting network portscans through anomaly detection.Download the full-sized PDF

Analytics

Share

Permanent link (DOI): https://doi.org/10.7939/R38911S11

Download

Export to: EndNote  |  Zotero  |  Mendeley

Communities

This file is in the following communities:

Mathematical and Statistical Sciences, Department of

Collections

This file is in the following collections:

Research Publications (Mathematical and Statistical Sciences)

Detecting network portscans through anomaly detection. Open Access

Descriptions

Author or creator
Kim, Hyukjoon
Kim, Surrey
Kouritzin, Michael
Sun, Wei
Additional contributors
Subject/Keyword
marked point process
network portscan
anomaly detection
chi-square test
z-test
Type of item
Conference/workshop Presentation
Language
English
Place
Time
Description
In this note, we consider the problem of detecting network portscans through the use of anomaly detection. First, we introduce some static tests for analyzing traffic rates. Then, we make use of two dynamic chi-square tests to detect anomalous packets. Further, we model network traffic as a marked point process and introduce a general portscan model. Simulation results for correct detects and false alarms are presented using this portscan model and the statistical tests.
Date created
2004
DOI
doi:10.7939/R38911S11
License information
Rights
Copyright 2004 Society of Photo Optical Instrumentation Engineers. One print or electronic copy may be made for personal use only. Systematic reproduction and distribution, duplication of any material in this paper for a fee or for commercial purposes, or modification of the content of the paper are prohibited.
Citation for previous publication
J. Kim, S. Kim, M.A. Kouritzin, and W. Sun, "Detecting network portscans through anomaly detection", in Signal Processing, Sensor Fusion and Target Recognition XIII, the 2004 Proceedings of SPIE, 5429 (2004) 254-263. doi:10.1117/12.546127
Source
Link to related item

File Details

Date Uploaded
Date Modified
2014-04-24T23:39:55.526+00:00
Audit Status
Audits have not yet been run on this file.
Characterization
File format: pdf (Portable Document Format)
Mime type: application/pdf
File size: 222285
Last modified: 2015:10:12 16:06:04-06:00
Filename: SPIE_2004_5429_254.pdf
Original checksum: 26129b5598b96b68f799d95f4a001871
Well formed: true
Valid: true
Page count: 10
Activity of users you follow
User Activity Date