Title :
Remote NAT Detect Algorithm Based on Support Vector Machine
Author :
Li Rui ; Zhu Hongliang ; Xin Yang ; Yang, Xin ; Wang Cong
Author_Institution :
Inf. Security Center, Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
The Network Address Translation (NAT) technique resolved the IPv4 address shortage problem effectively. Meanwhile, it brings issues to network management. Unauthorized NAT devices may be a significant security problem. Attackers may conduct malicious activities by using computers hidden behind unauthorized NAT. The remote NAT detect algorithm is proposed based on support vector machine method. Different from previous researches, it dose not depend on any special field in any packet. The network traffic is represented by 8 features and filtered by activity value which is calculated by the proposed function. Then, the support vector machine method is applied to analyze the feature vectors and tell which ones are from hosts behind NAT. The implementation shows that the accuracy and specificity of the algorithm is much higher when there are more hosts behind the NAT device.
Keywords :
computer network security; support vector machines; telecommunication network management; telecommunication traffic; transport protocols; IPv4 address shortage problem; malicious activity; network address translation technique; network filtering; network management; network traffic; remote NAT detect algorithm; security problem; support vector machine; Clocks; Counting circuits; Intrusion detection; Laboratories; Network address translation; Operating systems; Support vector machine classification; Support vector machines; TCPIP; Telecommunication traffic;
Conference_Titel :
Information Engineering and Computer Science, 2009. ICIECS 2009. International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-4994-1
DOI :
10.1109/ICIECS.2009.5365286
