Detecting Scanners: Empirical Assessment on a 3G Network
نویسندگان
چکیده
Malicious agents like self-propagating worms often rely on port or address scanning to discover new potential victims. The ability to detect active scanners based on passive traffic monitoring is an important prerequisite for taking appropriate countermeasures. In this work we evaluate experimentally two common algorithms for scanner detection based on extensive analysis of real traffic traces from a live 3G mobile network. We observe that in practice a large number of alarms are triggered by legitimate applications like peer-to-peer and suggest a new empirical metric for discriminating between worms and p2p scanners.
منابع مشابه
Detecting Overlapping Communities in Social Networks using Deep Learning
In network analysis, a community is typically considered of as a group of nodes with a great density of edges among themselves and a low density of edges relative to other network parts. Detecting a community structure is important in any network analysis task, especially for revealing patterns between specified nodes. There is a variety of approaches presented in the literature for overlapping...
متن کاملAn efficient non-repudiation billing protocol in heterogeneous 3G-WLAN networks
The wireless communication with delivering variety of services to users is growing rapidly in recent years. The third generation of cellular networks (3G), and local wireless networks (WLAN) are the two widely used technologies in wireless networks. 3G networks have the capability of covering a vast area; while, WLAN networks provide higher transmission rates with less coverage. Since the two n...
متن کاملCAT - A Practical Graph & SDL Based Toolkit for Vulnerability Assessment of 3G Networks
This paper presents the Cellular Network Vulnerability Assessment Toolkit CAT, designed for end-to-end vulnerability assessment of 3G networks. It is the first tool of its kind to model and represent 3G network vulnerabilities and attacks as attack graphs. CAT uses freely available 3G telecommunication specifications written in SDL, the standard Specification and Description Language to produce...
متن کاملA Taxonomy of Cyber Attacks on 3G Networks
Cross Network Services are a new breed of services that have spawned from the merger of the Internet and the previously isolated wireless telecommunication network. These services act as a launching pad for a new type of security threat the Cross Infrastructure Cyber Attack. This paper is the first to propose attack taxonomy for 3G networks. The uniqueness of this taxonomy is the inclusion of C...
متن کاملValue network dynamics in 3G–4G wireless communications: A systems thinking approach to strategic value assessment
This article develops a map to analyze the dynamic forces that influence the structure and development of 3G (third generation) wireless communications value networks. The analysis builds on the Strategic Value Assessment Model (Fine, et al. [Fine, Charles H., Vardan, Roger, Pethick, Robert, El Hout, Jamal. Rapid-Response Capability in value chain Design. MIT Sloan Manage Rev 2002, 43(Winter): ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- I. J. Network Security
دوره 9 شماره
صفحات -
تاریخ انتشار 2009