DocumentCode :
2012087
Title :
DynamicWEB: A Method for Reconnaissance Activity Profiling
Author :
Scanlan, Joel ; Hartnett, Jacky ; Williams, Raymond
Author_Institution :
Sch. of Comput. & Inf. Syst., Univ. of Tasmania, Hobart, TAS
fYear :
2008
fDate :
10-12 Dec. 2008
Firstpage :
725
Lastpage :
736
Abstract :
Port scan correlation aims to differentiate between benign and malicious scans. In this paper we will examine a new method of profiling port scan activity in an attempt to link different source IP addresses to being the same end user. A data mining approach DynamicWEB based upon the COBWEB conceptual clustering algorithm is shown along with some preliminary results of it functioning within the context of scan correlation.
Keywords :
Internet; data mining; COBWEB conceptual clustering algorithm; DynamicWEB; port scan correlation; reconnaissance activity profiling; Computer crime; Computer hacking; Computer networks; Concurrent computing; Distributed computing; IP networks; Information systems; Internet; Operating systems; Reconnaissance; Data Mining; Detection Profiling; Port Scans;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Parallel and Distributed Processing with Applications, 2008. ISPA '08. International Symposium on
Conference_Location :
Sydney, NSW
Print_ISBN :
978-0-7695-3471-8
Type :
conf
DOI :
10.1109/ISPA.2008.102
Filename :
4725219
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2012087
بازگشت