文章基本信息

标题：Two Pass Port Scan Detection Technique Based on Connection Pattern and Status on Sampled Data
本地全文：下载
作者：Sunil Kumar ; Kamlesh Dutta ; Ankit Asati 等
期刊名称：Journal of Computer and Communications
印刷版ISSN：2327-5219
电子版ISSN：2327-5227
出版年度：2015
卷号：03
期号：09
页码：1-8
DOI：10.4236/jcc.2015.39001
语种：English
出版社：Scientific Research Publishing
摘要：Anomaly detection is now very important in the network because the increasing use of the internet and security of a network or user is a main concern of any network administrator. As the use of the internet increases, so the chances of having a threat or attack in the network are also increasing day by day and traffic in the network is also increasing. It is very difficult to analyse all the traffic data in network for finding the anomaly in the network and sampling provides a way to analyse the anomalies in network with less traffic data. In this paper, we propose a port scan detection approach called CPST uses connection status and pattern of the connections to detect a particular source is scanner or benign host. We also show that this approach works efficiently under different sampling methods.
关键词：Port Scan;TRW;TAPS;CPST;Packet Sampling;Flow Sampling