• DocumentCode
    2918759
  • Title

    Detection of Port and Network Scan Using Time Independent Feature Set

  • Author

    Baig, Habib Ullah ; Kamran, Farrukh

  • Author_Institution
    Center for Adv. Studies in Eng., Islamabad
  • fYear
    2007
  • fDate
    23-24 May 2007
  • Firstpage
    180
  • Lastpage
    184
  • Abstract
    Probes or network scans are designed to identify security vulnerabilities of a network and are precursor to most of the cyber attacks. Slow, random and distributed attacks are the most difficult to detect. Extensive training over longer packet traces or larger detection window size can give better results but requires larger memory. A model based on Time Independent Feature Set is proposed here, which can efficiently detect slow and random attacks in real time with reduce memory needs. The proposed model has been tested using DARPA 99 data set.
  • Keywords
    Internet; computer crime; probability; telecommunication network reliability; telecommunication security; DDoS attacks; Internet; cyber attacks; distributed attacks; network scan detection; port scan detection; probability; random attack detection; security vulnerability identification; slow attack detection; time independent feature set; Computer aided software engineering; Computer security; Data security; Design engineering; IP networks; Intrusion detection; Network servers; Probes; Reconnaissance; Web server;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Intelligence and Security Informatics, 2007 IEEE
  • Conference_Location
    New Brunswick, NJ
  • Electronic_ISBN
    1-4244-1329-X
  • Type

    conf

  • DOI
    10.1109/ISI.2007.379554
  • Filename
    4258693
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2918759