The value of Intrusion Detection System (IDS) traces depends on being able to meaningfully parse the complex data patterns appearing in them, based on the pre-defined intrusion 'detection' rule sets. As IDS traces monitor large groups of servers and large amounts of network data, and span a variety of patterns, efficient analytical approaches are needed to address this big heterogeneous data...
IP flow analysis is an effective way of doing network forensic analysis, which aims to detect attack patterns and identify attackers in given network traffic data. For attacks such as Distributed Denial of Service (DDoS), efficiently identifying the botnet in time can be a challenge. Recently, unsupervised learning methods such as K-means, self-organizing map (SOM), and growing hierarchical...
Network anomaly detection aims to detect patterns in given network traffic data that do not conform to an established normal behavior. Distinguishing different anomaly patterns from a large amount of data can be a challenge, let alone visualizing them in a comparative perspective. Recently, unsupervised learning methods such as K-means [3], self-organizing map (SOM) [2], and growing hierarchical...
Classifying traffic into specific network applications is essential for application-aware network management and it becomes more challenging because modern applications obscure their network behaviors. While port number-based classifiers work only for some well-known applications and signature-based classifiers are not applicable to encrypted packet payloads, researchers tend to classify network traffic...
Broadcast communication prevails for data dissemination and resource discovery. In mission-critical applications, extensive information sharing and coordination endow broadcast with new features: a large number of active broadcast sources, probabilistic broadcast reception and high receiving rate. We identify this type of broadcast traffic as ASP Bcast traffic. Many efforts have been made to authenticate...
In mission-critical networks, command, alerts, and critical data are frequently broadcast over wireless networks. Broadcast traffic must be protected from malicious attacks, wherein sources are impersonated or broadcast packets are forged. Even though broadcast authentication eliminates such attacks, attackers can still launch denial-of-service attacks by injecting substantive false packets, which...
One of the major threats to cyber security is distributed denial of service (DDoS) attacks. In this paper, we reveal the non-negative and cumulative increment effect of DDoS traffic throughput, a feature that accurately distinguishes DDoS attacking traffic from normal flash crowd traffic. Our scheme can detect a DDoS attack in its early stages based on this feature. It can differentiate DDoS...
Peer-to-peer technique has now become one of the major techniques to exchange digital content between peers of the same interest. However, as the amount of peer-to-peer traffic increases, a network administrator would like to control the network resources consumed by peer-to-peer applications. Due to the use of random ports and protocol encryption, it is hard to identify and apply proper control policies...
With the emergence of active worms, the targets of attacks have been moved from well-known Internet servers to generic Internet hosts, and since the rate at which patches can be applied is always much slower than the spread of a worm, an Internet worm can usually attack or infect millions of hosts in a short time. It is difficult to eliminate Internet attacks globally; thus, protecting client networks...