Communities and Collections
Usage
- 205 views
- 233 downloads
Detecting network portscans through anomaly detection.
-
- Author(s) / Creator(s)
-
In this note, we consider the problem of detecting network portscans through the use of anomaly detection. First, we introduce some static tests for analyzing traffic rates. Then, we make use of two dynamic chi-square tests to detect anomalous packets. Further, we model network traffic as a marked point process and introduce a general portscan model. Simulation results for correct detects and false alarms are presented using this portscan model and the statistical tests.
-
- Date created
- 2004
-
- Subjects / Keywords
-
- Type of Item
- Conference/Workshop Presentation
-
- License
- Copyright 2004 Society of Photo Optical Instrumentation Engineers. One print or electronic copy may be made for personal use only. Systematic reproduction and distribution, duplication of any material in this paper for a fee or for commercial purposes, or modification of the content of the paper are prohibited.