Title :
Graph-based analysis in network security
Author :
Collins, M. Patrick
Author_Institution :
Redjack, LLC, Silver Spring, MD, USA
Abstract :
Traffic graph analysis has become an increasingly useful tool in network security. By summarizing the aggregate activity of a particular service or network using graph-based representations, it is possible to model normal activity using a variety of different attributes which are not easily identified or exploited by attackers. In this paper, we discuss several examples of analysis using traffic graphs and demonstrate its potential for scan detection, identifying hitlist attackers, and identifying spammers.
Keywords :
graph theory; telecommunication networks; telecommunication security; telecommunication traffic; hitlist attacker identification; network security; scan detection; spammer identification; traffic graph analysis; Aggregates; Analytical models; IP networks; Intrusion detection; Servers; Social network services;
Conference_Title :
MILITARY COMMUNICATIONS CONFERENCE, 2011 - MILCOM 2011
Conference_Location :
Baltimore, MD
Print_ISBN :
978-1-4673-0079-7
DOI :
10.1109/MILCOM.2011.6127488