Interactive visualization for network and port scan detection

Chris Muelder, Kwan-Liu Ma, Tony Bartoletti

Research output: Chapter in Book/Report/Conference proceedingConference contribution

31 Scopus citations

Abstract

Many times, network intrusion attempts begin with either a network scan, where a connection is attempted to every possible destination in a network, or a port scan, where a connection is attempted to each port on a given destination. Being able to detect such scans can help identify a more dangerous threat to a network, Several techniques exist to automatically detect scans, but these are mostly dependant on some threshold that an attacker could possibly avoid crossing. This paper presents a means to use visualization to detect scans interactively.

Original languageEnglish (US)
Title of host publicationRecent Advances in Intrusion Detection - 8th International Symposium, RAID 2005, Revised Papers
Pages265-283
Number of pages19
DOIs
StatePublished - Jul 6 2006
Event8th International Symposium on Recent Advances in Intrusion Detection, RAID 2005 - Seattle, WA, United States
Duration: Sep 7 2005Sep 9 2005

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume3858 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other8th International Symposium on Recent Advances in Intrusion Detection, RAID 2005
CountryUnited States
CitySeattle, WA
Period9/7/059/9/05

Keywords

  • Information visualization
  • Intrusion detection
  • Network scans
  • Network security
  • Port scans
  • User interfaces

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Interactive visualization for network and port scan detection'. Together they form a unique fingerprint.

  • Cite this

    Muelder, C., Ma, K-L., & Bartoletti, T. (2006). Interactive visualization for network and port scan detection. In Recent Advances in Intrusion Detection - 8th International Symposium, RAID 2005, Revised Papers (pp. 265-283). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3858 LNCS). https://doi.org/10.1007/11663812_14