Detecting Stealthy Spreaders by Random Aging Streaming Filters
نویسندگان
چکیده
Detecting spreaders, or scan sources, helps intrusion detection systems (IDS) identify potential attackers. The existing work can only detect aggressive spreaders that scan a large number of distinct destinations in a short period of time. However, stealthy spreaders may perform scanning deliberately at a low rate. We observe that these spreaders can easily evade the detection because current IDS’s have serious limitations. Being lightweight, the proposed scheme can detect scan sources in high speed networking while residing in SRAM. By theoretical analysis and experiments on real Internet traffic traces, we demonstrate that the proposed scheme detects stealthy spreaders successfully. key words: network security, intrusion detection, spreader detection, port scan, anomaly detection
منابع مشابه
An Approximate Duplicate-Elimination in RFID Data Streams Based on d-Left Time Bloom Filter
Article history: Received 6 March 2010 Received in revised form 16 July 2011 Accepted 18 July 2011 Available online 31 July 2011 The RFID technology has been applied to a wide range of areas since it does not require contact in detecting RFID tags. However, due to the multiple readings in many cases in detecting an RFID tag and the deployment of multiple readers, RFID data contains many duplica...
متن کاملAn online framework for catching top spreaders and scanners
1389-1286/$ see front matter 2009 Elsevier B.V doi:10.1016/j.comnet.2009.12.003 * Corresponding author. Tel.: +852 31634296. E-mail addresses: [email protected] (X. S edu.hk (D.-M. Chiu), [email protected] (J.C.S. Lu Flow level information is important for many applications in network measurement and analysis. In this work, we tackle the ‘‘Top Spreaders” and ‘‘Top Scanners” problems, wh...
متن کاملCollective influence maximization in threshold models of information cascading with first-order transitions
In spreading dynamics in social networks, there exists an optimal set of influencers whose activation can induce a global-scale cascade of information. To find the optimal, or minimal, set of spreaders, a method based on collective influence theory has been proposed for spreading dynamics with a continuous phase transition that can be mapped to optimal percolation. However, when it comes to dif...
متن کاملOptimum Stealthy Aircraft Detection Using a Multistatic Radar Hassan
Radar systems, based on Multistatic radar concept attracted a substantial attention in the recent years. The paper proposes system geometry for S-band Multistatic radar. This technique is used for detecting and tracking the small cross section area and stealthy aircrafts. The proposed geometrical structures are studied with different radars spacing to extend the detection coverage over the Mono...
متن کاملA process of rumour scotching on finite populations
Rumour spreading is a ubiquitous phenomenon in social and technological networks. Traditional models consider that the rumour is propagated by pairwise interactions between spreaders and ignorants. Only spreaders are active and may become stiflers after contacting spreaders or stiflers. Here we propose a competition-like model in which spreaders try to transmit an information, while stiflers ar...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IEICE Transactions
دوره 94-B شماره
صفحات -
تاریخ انتشار 2011