Abstract
Detection of sophisticated stealthy network scans requires analyzing large amounts of network data collected over long periods of time. The sheer volume of the data prohibits efficient detection from a pure algorithmic approach. However timely detection of such sophisticated scanning attacks is critical since the attacker employing these approaches is usually well-resourced and potentially can bring high impact to the network than a naive attacker can. To detect such sophisticated scans, we propose the integration of algorithmic detection and visualization for human detection to simultaneously optimize computational complexity and human analyst time. The proposed approach provides real world detection capabilities without excessive computation overhead. We characterize the features of scanning attacks in a graph theory context, propose efficient graph algorithms to extract these features in real time, employ visualization techniques to show the relevant multidimensional characteristics, and provide test scenarios to show that the proposed work is more efficient and effective than previous approaches. © 2013 IEEE.
Recommended Citation
M. X. Cheng et al., "Characterization and Visualization of Sophisticated Scanning Attacks," IEEE International Conference on Communications, pp. 2047 - 2051, article no. 6654827, Institute of Electrical and Electronics Engineers, Jan 2013.
The definitive version is available at https://doi.org/10.1109/ICC.2013.6654827
Department(s)
Computer Science
International Standard Book Number (ISBN)
978-146733122-7
International Standard Serial Number (ISSN)
1550-3607
Document Type
Article - Conference proceedings
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2024 Institute of Electrical and Electronics Engineers, All rights reserved.
Publication Date
01 Jan 2013
