New Sequential Methods for Detecting Portscanners
Abstract
In this paper, we propose new sequential methods for detecting port-scan attackers, who routinely perform random “portscans” of IP addresses to find vulnerable servers to compromise. In addition to rigorously controlling the probability of falsely implicating benign remote hosts as malicious, our method performs significantly faster than other current solutions. Moreover, our method guarantees that the maximum amount of observational time is bounded. In contrast to the previous most effective method, the Threshold Random Walk algorithm, which is explicit and analytical in nature, our proposed algorithm involves parameters to be determined by numerical methods. We have developed computational techniques such as iterative minimax optimization for quick determination of the parameters of the new detection algorithm. A framework of multi-valued decision for testing portscanners is also proposed.
Similar resources
Real-time detection of malicious network activity using stochastic models
This dissertation develops approaches to rapidly detect malicious network traffic including packets sent by portscanners and network worms. The main hypothesis is that stochastic models capturing a host’s particular connection-level behavior provide a good foundation for identifying malicious network activity in real-time. Using the models, the dissertation shows that a detection problem can be...
Identifying the software and their families using the exploration techniques of sequential patterns in dynamic analysis
Nowadays, crypto-ransomware is considered as one of the most threats in cybersecurity. Crypto ransomware removes data access by encrypting valuable data and requests a ransom payment to allow data decryption. As ransomware is still new in the field of cybersecurity, there are few pieces of research focusing on detecting ransomware samples. Most published works considered System File and process...
Capability of the Stochastic Seismic Inversion in Detecting the Thin Beds: a Case Study at One of the Persian Gulf Oilfields
The aim of seismic inversion is mapping all of the subsurface structures from seismic data. Due to the band-limited nature of the seismic data, it is difficult to find a unique solution for seismic inversion. Deterministic methods of seismic inversion are based on try and error techniques and provide a smooth map of elastic properties, while stochastic methods produce high-resolution maps of el...
Design and Test of New Robust QCA Sequential Circuits
One of the several promising new technologies for computing at nano-scale is quantum-dot cellular automata (QCA). In this paper, new designs for different QCA sequential circuits are presented. Using an efficient QCA D flip-flop (DFF) architecture, a 5-bit counter, a novel single edge generator (SEG) and a divide-by-2 counter are implemented. Also, some types of oscillators, a new edge-t...
A TRUST-REGION SEQUENTIAL QUADRATIC PROGRAMMING WITH NEW SIMPLE FILTER AS AN EFFICIENT AND ROBUST FIRST-ORDER RELIABILITY METHOD
The real-world applications addressing the nonlinear functions of multiple variables could be implicitly assessed through structural reliability analysis. This study establishes an efficient algorithm for resolving highly nonlinear structural reliability problems. To this end, first a numerical nonlinear optimization algorithm with a new simple filter is defined to locate and estimate the most ...
Journal title:
- CoRR
Volume abs/1204.1935 Issue
Pages -
Publication date 2012