The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The representation of Internet traffic as connection graphs augments anomaly detection systems by providing insight on the structural connection properties, i.e., who-talks-to-whom. However, these graphs are extremely large and one has to decide in advance on which aspect to focus. In the context of malware detection, this is difficult as malware often mimics legitimate traffic. In this paper, we...
More and more Internet services are hosted by Content Distribution Networks or Cloud operators. Often, IP addresses are reused for several services, and the mapping between domain names and IPs has become highly agile. This complicates the analysis of monitoring data, as it is not clear anymore which IP address represents which service at which time. We propose a system that continuously monitors...
In this paper we review state-of-the-art botnet detection algorithms that reveal the control traffic of malicious peer-to-peer (P2P) networks by targeting topological properties of their interconnectivity graph. This class of detection methods does not rely on the exchanged content and therefore is also applicable to encrypted control traffic. However, in practice, an ISP monitoring customer traffic...
The System architecture presented in this paper is developed in DEMONS project of the European FP7 framework project to realize the trustworthy multi-domain network with collaborative and decentralized security and privacy monitoring system. The system architecture so developed comprises of five sub-systems: (i) programmable monitoring nodes called BlockMon nodes providing the monitoring infrastructure...
Collaboration of defensive network components of multiple operators is a promising approach for increasing anomaly detection accuracy. This concept involves sharing of possibly sensitive data, hence privacy preservation has to be taken into account. In this paper, we argue that common approaches for sharing traffic information often impede proper analysis due to privacy-preserving mangling operations,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.