Identifying Anomalous Port-Specific Network Behavior
نویسنده
چکیده
vi
منابع مشابه
Correlations Between Quiescent Ports in Network Flows
TCP/IP ports which are not in regular use (quiescent ports) can show surges in activity for several reasons. Two examples include the discovery of a vulnerability in an unused (but still present) network service or a new backdoor which runs on an unassigned or obsolete port. Identifying this anomalous activity can be a challenge, however, due to the ever-present background of vertical scanning,...
متن کاملFeature Extraction to Identify Network Traffic with Considering Packet Loss Effects
There are huge petitions of network traffic coming from various applications on Internet. In dealing with this volume of network traffic, network management plays a crucial rule. Traffic classification is a basic technique which is used by Internet service providers (ISP) to manage network resources and to guarantee Internet security. In addition, growing bandwidth usage, at one hand, and limit...
متن کاملOptimization of ICDs' Port Sizes in Smart Wells Using Particle Swarm Optimization (PSO) Algorithm through Neural Network Modeling
Oil production optimization is one of the main targets of reservoir management. Smart well technology gives the ability of real time oil production optimization. Although this technology has many advantages; optimum adjustment or sizing of corresponding valves is still an issue to be solved. In this research, optimum port sizing of inflow control devices (ICDs) which are passive control valves ...
متن کامل~Open Resolvers: Understanding the Origins of Anomalous Open DNS Resolvers
Recent distributed denial-of-service attacks on the Internet have been exploiting necessarily open protocols, such as DNS. The Spamhaus attack is one of the largest ever examples of such attacks. Although much research has been conducted to discuss how to mitigate these threats, little has been done to understand why open resolvers exist in the first place. In particular, 60% of the open resolv...
متن کاملIdentification of Anomalous SNMP Situations Using a Cooperative Connectionist Exploratory Projection Pursuit Model
The work presented in this paper shows the capability of a connectionist model, based on a statistical technique called Exploratory Projection Pursuit (EPP), to identify anomalous situations related to the traffic which travels along a computer network. The main novelty of this research resides on the fact that the connectionist architecture used here has never been applied to the field of IDS ...
متن کامل