FAST PORTSCAN DETECTION USING SEQUENTIAL HYPOTHESIS TESTING PDF

Skip to search form Skip to main content You are currently offline. Some features of the site may not work correctly. DOI: Attackers routinely perform random portscans of IP addresses to find vulnerable servers to compromise.

Author:Dounos Kazijinn
Country:Colombia
Language:English (Spanish)
Genre:Literature
Published (Last):13 September 2018
Pages:256
PDF File Size:1.26 Mb
ePub File Size:14.76 Mb
ISBN:795-8-61161-518-9
Downloads:37519
Price:Free* [*Free Regsitration Required]
Uploader:Brahn



Skip to search form Skip to main content You are currently offline. Some features of the site may not work correctly.

DOI: Attackers routinely perform random portscans of IP addresses to find vulnerable servers to compromise. Network intrusion detection systems NIDS attempt to detect such behavior and flag these portscanners as malicious. An important need in such systems is prompt response: the sooner a NIDS detects malice, the lower the resulting damage.

At the same time, a NIDS should not falsely implicate benign remote hosts as malicious. View on IEEE. Save to Library. Create Alert. Launch Research Feed. Share This Paper. Figures, Tables, and Topics from this paper. Figures and Tables. Citations Publications citing this paper. Slow port scanning detection Mehiar Dabbagh , Ali J. Network intrusion detection techniques for single source and coordinated scans Dana Zhang Computer Science Adaptive sequential methods for detecting network intrusions Xinjia Chen , Ernest G.

Walker Engineering Defense, Security, and Sensing References Publications referenced by this paper. Hoagland , Joseph M. McAlerney Computer Science J. A network security monitor L. Todd Herberlein , Gihan V. Surveillance detection in high bandwidth environments Seth Robertson , Eric V. Siegel , Matthew Miller , Salvatore J. Related Papers. By clicking accept or continuing to use the site, you agree to the terms outlined in our Privacy Policy , Terms of Service , and Dataset License.

AO4932 DATASHEET PDF

Fast portscan detection using sequential hypothesis testing

We present two light-weight worm detection algorithms that offer significant advantages over fixed-threshold methods. The first algorithm, RBS rate-based sequential hypothesis testing , aims at the large class of worms that attempts to quickly propagate, thus exhibiting abnormal levels of the rate at which hosts initiate connections to new destinations. The foundation of RBS derives from the theory of sequential hypothesis testing, the use of which for detecting randomly scanning hosts was first introduced by our previous work developing TRW [6]. The sequential hypothesis testing methodology enables us to engineer detectors to meet specific targets for false-positive and false-negative rates, rather than triggering when fixed thresholds are crossed. In this sense, the detectors that we introduce are truly adaptive.

DR SIMEONS POUNDS & INCHES PDF

Fast Detection of Scanning Worm Infections

.

HOLGER BABINSKY PDF

On the Adaptive Real-Time Detection of Fast-Propagating Network Worms

.

EL OTRO REY MAGO HENRY VAN DYKE PDF

.

Related Articles