Title :
Network abuse detection via flow content characterization
Author :
Kharrazi, Mehdi ; Shanmugasundaram, Kulesh ; Memon, Nasir
Author_Institution :
Dept. of Electr. & Comput. Eng., Polytech. Univ. Brooklyn, NY, USA
Abstract :
One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and the availability of proxies for tunneling makes it difficult to detect such abuse and easy to circumvent security policies. This paper presents a novel method to detect abuse of resources on a network based solely on the payload content type. The proposed method does not depend on packet headers and other simple packet characteristics and hence is able to better detect incidents of abuse.
Keywords :
authorisation; computer network management; packet switching; peer-to-peer computing; resource allocation; telecommunication security; telecommunication traffic; flow content characterization; network abuse detection; peer-to-peer networks; security policies; unauthorized applications; Availability; Computer networks; Face detection; Intrusion detection; Peer to peer computing; Personnel; Protocols; Telecommunication traffic; Tunneling; Web server;
Conference_Titel :
Information Assurance Workshop, 2004. Proceedings from the Fifth Annual IEEE SMC
Print_ISBN :
0-7803-8572-1
DOI :
10.1109/IAW.2004.1437829
