Advanced search
Publication Cover
International Journal of Computer Mathematics Volume 89, 2012 - Issue 15
Submit an article Journal homepage
259
Views
5
CrossRef citations to date
0
Altmetric
Section A

Statistical cross-relation approach for detecting TCP and UDP random and sequential network scanning (SCANS)

Mohammed Anbar National Advanced IPv6 Centre of Excellence, Universiti Sains Malaysia , Penang, Malaysia
,
Ahmed Manasrah Faculty of Information Technology and Computer Sciences, Yarmouk University , Irbid, Jordan
&
Selvakumar Manickam National Advanced IPv6 Centre of Excellence, Universiti Sains Malaysia , Penang, Malaysia
Pages 1952-1969 | Received 16 Aug 2011, Accepted 21 May 2012, Published online: 19 Jun 2012

References

  • Bay, S. D. , Kibler, D. , Pazzani, M. J. , and Smyth, P. , 2000. The UCI KDD archive of large data sets for data mining research and experimentation , SIGKDD Explor. Newsl. 2 (2) (2000), pp. 81–85.
  • Benesty, J. , Chen, J. , and Huang, Y. , 2009. Pearson Correlation Coefficient Noise Reduction in Speech Processing . Vol. 2. Berlin, Heidelberg: Springer; 2009. pp. 1–4.
  • Gu, G. , Porras, P. , Yegneswaran, V. , Fong, M. , and Lee, W. , 2007. "BotHunter: Detecting malware infection through IDS-driven dialog correlation". In: Proceedings of 16th SENIX Security Symposium on USENIX Security Symposium . Boston, MA: USENIX Association; 2007.
  • Jung, J. , Paxson, V. , Berger, A. , and Balakrishnan, H. , "Fast portscan detection using sequential hypothesis testing". In: IEEE Symposium on Security and Privacy . Oakland, CA, May 2004.
  • Kato, N. , Nitou, H. , Ohta, K. , Mansfield, G. , and Nemoto, Y. , 1999. A real-time intrusion detection system (IDS) for large scale networks and its evaluations , IEICE Trans. Commun. 82 (1999), pp. 1817–1825.
  • Leckie, C. , and Kotagiri, R. , "A probabilistic approach to detecting network scans". In: Proceedings of the Eighth IEEE Network Operations and Management Symposium (NOMS 2002) . Florence, Italy. pp. 359–372, April 2002.
  • Li, P. , Salour, M. , and Su, X. , 2008. A survey of internet worm detection and containment , IEEE Commun. Surv. Tutor. 10 (2008), pp. 20–35.
  • M. Mahoney and P.K. Chan, PHAD: Packet header anomaly detection for identifying hostile network traffic, Florida Institute of Technology technical report CS-2001-04, 2001, pp. 1–17. Available at https://cs.fit.edu/Projects/tech_reports/cs-2001-04.pdf..
  • Massachusetts Institute of Technology, L. L. Available at http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/1998data.html (accessed 14 September 2010)..
  • Moore, D. , Paxson, V. , Savage, S. , Shannon, C. , Staniford, S. , and Weaver, N. , 2003. Inside the slammer worm , IEEE Secur. Priv. 1 (2003), pp. 33–39.
  • NAv6, National Advanced IPv6 Centre of Excellence, 2010. Available at http://nav6.org..
  • Nmap, Free security scanner for network exploration & security. Available at http://www.insecure.org/nmap/..
  • Northcutt, S. , and Novak, J. , 2002. Network Intrusion Detection: An Analyst's Handbook . Thousand Oaks, CA: New Riders Publishing; 2002.
  • Reed, W. , 2001. The Pareto, Zipf and other power laws , Econom. Lett. 74 (2001), pp. 15–19.
  • Roesch, M. , 1999. "Snort – lightweight intrusion detection for networks". In: Proceedings of USENIX LISA'99 . Washington: Seattle; 1999. pp. 7–12, November.
  • C. Shannon, D. Moore, and J. Brown. Code-red: A case study on the spread and victims of an Internet worm, in Proceedings of the Internet Measurement Workshop (IMW), December 2002..
  • Singh, S. , Estan, C. , Varghese, G. , and Savage, S. , 2003. "The earlybird system for real-time detection of unknown worms". In: Citeseer, Tech. Rep. CS2003-0761 . San Diego: University of California; 2003.
  • Smaha, S. E. , 1988. "Haystack: An intrusion detection system". In: Proceedings of the IEEE Fourth Aerospace Computer Security Applications Conference . Los Alamitos, CA: IEEE Computer Society Press; 1988, Orlando, FL.
  • Snort, A free lightweight network intrusion detection system for UNIX and Windows. Available at http://www.snort.org..
  • Staniford, S. , Hoagland, J. A. , and McAlerney, J. M. , 2002. Practical automated detection of stealthy portscans , J. Comput. Secur. 10 (2002), pp. 105–136.
  • de Vivo, M. , Carrasco, E. , Isern, G. , and de Vivo, G. O. , 1999. A review of port scanning techniques , ACM SIGCOMM Comput. Commun. Rev. 29 (1999), pp. 41–48.
  • Zeidanloo, H. R. , Manaf, A. B.A. , Ahmad, R. B. , Zamani, M. , and Chaeikar, S. S. , 2010. A proposed framework for P2P Botnet detection , IACSIT Int. J. Eng. Technol. 2 (2010), pp. 161–168.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.