We propose a technique for intrusion detection that combines anomaly-based and graphical methods. The network is pictured as a community of hosts that exchange messages among themselves. Our aim is to graphically highlight those hosts that represent a possible threat to the network, so that a network administrator can explore the anomaly further and decide on the appropriate responses. We chose to test our view against the DARPA 99 intrusion detection and evaluation dataset, since it provides labels that we can use to monitor our system. Experiments show our visualization technique to be a possible alternative for detecting network intrusions, in particular Denial of Service (DoS) and Distributed DoS attacks such as Ping of Death, UDP storm, SSH Process Table, and Smurf, to name a few.