Section A

Statistical cross-relation approach for detecting TCP and UDP random and sequential network scanning (SCANS)

Pages 1952-1969 | Received 16 Aug 2011, Accepted 21 May 2012, Published online: 19 Jun 2012

