Detecting Scanners: Empirical Assessment on a 3G Network

Malicious agents like self-propagating worms often rely on port or address scanning to discover new potential victims. The ability to detect active scanners based on passive traffic monitoring is an important prerequisite for taking appropriate countermeasures. In this work we evaluate experimentally two common algorithms for scanner detection based on extensive analysis of real traffic traces from a live 3G mobile network. We observe that in practice a large number of alarms are triggered by legitimate applications like peer-to-peer and suggest a new empirical metric for discriminating between worms and p2p scanners.

並列關鍵字

Anomaly detection ； mobile networks ； scanning detection

被引用紀錄

周建榮（2009）。以密度泛函微擾理論研究高介電氧化物LaAlO3之聲子軟化現象〔碩士論文，淡江大學〕。華藝線上圖書館。https://doi.org/10.6846/TKU.2009.00414

Chung, C. M. (2014). Quantum Monte Carlo Study of Two Component Bosons and Entanglement [doctoral dissertation, National Tsing Hua University]. Airiti Library. https://doi.org/10.6843/NTHU.2014.00402

Liang, J. Q. (2006). 三氧化二鐵奈米線之氧缺陷濃度及其特性研究 [master's thesis, National Tsing Hua University]. Airiti Library. https://doi.org/10.6843/NTHU.2006.00615

翁嘉駿（2010）。自組式有機金屬汽相磊晶系統(MOCVD) LabVIEW自動控制程式設計和低溫氮化鎵磊晶成長及其光電特性研究〔碩士論文，國立交通大學〕。華藝線上圖書館。https://doi.org/10.6842/NCTU.2010.00912

楊舒涵（2013）。社交虛擬產品經驗對社交購物價值之影響－以消費者獨特性需求與產品類型為干擾變數〔碩士論文，國立臺北科技大學〕。華藝線上圖書館。https://doi.org/10.6841/NTUT.2013.00283

國際替代計量

Detecting Scanners: Empirical Assessment on a 3G Network

全文下載

主題瀏覽