Abstract
Many times, network intrusion attempts begin with either a network scan, where a connection is attempted to every possible destination in a network, or a port scan, where a connection is attempted to each port on a given destination. Being able to detect such scans can help identify a more dangerous threat to a network, Several techniques exist to automatically detect scans, but these are mostly dependant on some threshold that an attacker could possibly avoid crossing. This paper presents a means to use visualization to detect scans interactively.
| Original language | English (US) |
|---|---|
| Title of host publication | Recent Advances in Intrusion Detection - 8th International Symposium, RAID 2005, Revised Papers |
| Pages | 265-283 |
| Number of pages | 19 |
| DOIs | |
| State | Published - Jul 6 2006 |
| Event | 8th International Symposium on Recent Advances in Intrusion Detection, RAID 2005 - Seattle, WA, United States Duration: Sep 7 2005 → Sep 9 2005 |
Publication series
| Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
|---|---|
| Volume | 3858 LNCS |
| ISSN (Print) | 0302-9743 |
| ISSN (Electronic) | 1611-3349 |
Other
| Other | 8th International Symposium on Recent Advances in Intrusion Detection, RAID 2005 |
|---|---|
| Country | United States |
| City | Seattle, WA |
| Period | 9/7/05 → 9/9/05 |
Fingerprint
Keywords
- Information visualization
- Intrusion detection
- Network scans
- Network security
- Port scans
- User interfaces
ASJC Scopus subject areas
- Theoretical Computer Science
- Computer Science(all)
Cite this
Interactive visualization for network and port scan detection. / Muelder, Chris; Ma, Kwan-Liu; Bartoletti, Tony.
Recent Advances in Intrusion Detection - 8th International Symposium, RAID 2005, Revised Papers. 2006. p. 265-283 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3858 LNCS).Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - Interactive visualization for network and port scan detection
AU - Muelder, Chris
AU - Ma, Kwan-Liu
AU - Bartoletti, Tony
PY - 2006/7/6
Y1 - 2006/7/6
N2 - Many times, network intrusion attempts begin with either a network scan, where a connection is attempted to every possible destination in a network, or a port scan, where a connection is attempted to each port on a given destination. Being able to detect such scans can help identify a more dangerous threat to a network, Several techniques exist to automatically detect scans, but these are mostly dependant on some threshold that an attacker could possibly avoid crossing. This paper presents a means to use visualization to detect scans interactively.
AB - Many times, network intrusion attempts begin with either a network scan, where a connection is attempted to every possible destination in a network, or a port scan, where a connection is attempted to each port on a given destination. Being able to detect such scans can help identify a more dangerous threat to a network, Several techniques exist to automatically detect scans, but these are mostly dependant on some threshold that an attacker could possibly avoid crossing. This paper presents a means to use visualization to detect scans interactively.
KW - Information visualization
KW - Intrusion detection
KW - Network scans
KW - Network security
KW - Port scans
KW - User interfaces
UR - http://www.scopus.com/inward/record.url?scp=33745653877&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=33745653877&partnerID=8YFLogxK
U2 - 10.1007/11663812_14
DO - 10.1007/11663812_14
M3 - Conference contribution
AN - SCOPUS:33745653877
SN - 3540317783
SN - 9783540317784
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 265
EP - 283
BT - Recent Advances in Intrusion Detection - 8th International Symposium, RAID 2005, Revised Papers
ER -