Behavior analysis of long-term cyber attacks in the darknet

Authors:
Tao Ban;Lei Zhu;Junpei Shimamura;Shaoning Pang;Daisuke Inoue;Koji Nakao
Affiliations:
National Institute of Information and Communications Technology, Tokyo, Japan;National Institute of Information and Communications Technology, Tokyo, Japan;National Institute of Information and Communications Technology, Tokyo, Japan;National Institute of Information and Communications Technology, Tokyo, Japan;National Institute of Information and Communications Technology, Tokyo, Japan;National Institute of Information and Communications Technology, Tokyo, Japan
Venue:
ICONIP'12 Proceedings of the 19th international conference on Neural Information Processing - Volume Part V
Year:
2012

Citing 12
Cited 0

The nature of statistical learning theory

The nature of statistical learning theory
Towards a taxonomy of intrusion-detection systems

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Defining and Evaluating Greynets (Sparse Darknets)

LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
Data reduction for the scalable automated analysis of distributed darknet traffic

IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
A Novel Sliding Window Based Change Detection Algorithm for Asymmetric Traffic

NPC '08 Proceedings of the 2008 IFIP International Conference on Network and Parallel Computing
Wavelet-Based Unwanted Traffic Time Series Analysis

ICCEE '08 Proceedings of the 2008 International Conference on Computer and Electrical Engineering
On the Benefits of Early Filtering of Botnet Unwanted Traffic

ICCCN '09 Proceedings of the 2009 Proceedings of 18th International Conference on Computer Communications and Networks
An incident analysis system NICTER and its analysis engines based on data mining techniques

ICONIP'08 Proceedings of the 15th international conference on Advances in neuro-information processing - Volume Part I
A PCA Analysis of Daily Unwanted Traffic

AINA '10 Proceedings of the 2010 24th IEEE International Conference on Advanced Information Networking and Applications
LIBSVM: A library for support vector machines

ACM Transactions on Intelligent Systems and Technology (TIST)
Correlation Analysis between Spamming Botnets and Malware Infected Hosts

SAINT '11 Proceedings of the 2011 IEEE/IPSJ International Symposium on Applications and the Internet
Towards Situational Awareness of Large-Scale Botnet Probing Events

IEEE Transactions on Information Forensics and Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Darknet monitoring provides us an effective way to countermeasure cyber attacks that pose a significant threat to network security and management. This paper aims to characterize the behavior of long term cyber attacks by mining the darknet traffic data collected by the nicter project. Machine learning techniques such as clustering, classification, function regression are applied to the study with promising results reported.