Share Email Print
cover

Proceedings Paper

Detecting network portscans through anomoly detection
Author(s): Hyukjoon Kim; Surrey Kim; Michael Alexander Kouritzin; Wei Sun
Format Member Price Non-Member Price
PDF $14.40 $18.00
cover GOOD NEWS! Your organization subscribes to the SPIE Digital Library. You may be able to download this paper for free. Check Access

Paper Abstract

In this note, we consider the problem of detecting network portscans through the use of anomaly detection. First, we introduce some static tests for analyzing traffic rates. Then, we make use of two dynamic chi-square tests to detect anomalous packets. Further, we model network traffic as a marked point process and introduce a general portscan model. Simulation results for correct detects and false alarms are presented using this portscan model and the statistical tests.

Paper Details

Date Published: 9 August 2004
PDF: 10 pages
Proc. SPIE 5429, Signal Processing, Sensor Fusion, and Target Recognition XIII, (9 August 2004); doi: 10.1117/12.546127
Show Author Affiliations
Hyukjoon Kim, Random Knowledge Inc. (Canada)
Surrey Kim, Random Knowledge Inc. (Canada)
Michael Alexander Kouritzin, Random Knowledge Inc. (Canada)
Wei Sun, Random Knowledge Inc. (Canada)


Published in SPIE Proceedings Vol. 5429:
Signal Processing, Sensor Fusion, and Target Recognition XIII
Ivan Kadar, Editor(s)

© SPIE. Terms of Use
Back to Top