TY - GEN
T1 - Frequent sequential pattern discovery for data screening
AU - Tsuruta, Hisashi
AU - Shoudai, Takayoshi
AU - Takeuchi, Jun'ichi
PY - 2011/7/26
Y1 - 2011/7/26
N2 - To early detect and defend the threats in the Internet caused by botnet, darknet monitoring is very important to understand various botnet activities. However, common illegal accesses by ordinary malwares makes such detection difficult. In this paper, in order to remove such accesses by ordinary malwares from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns which appear in given traffic data. Besides, we apply our method to traffic data observed in darknet and report the results.
AB - To early detect and defend the threats in the Internet caused by botnet, darknet monitoring is very important to understand various botnet activities. However, common illegal accesses by ordinary malwares makes such detection difficult. In this paper, in order to remove such accesses by ordinary malwares from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns which appear in given traffic data. Besides, we apply our method to traffic data observed in darknet and report the results.
UR - http://www.scopus.com/inward/record.url?scp=79960607141&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=79960607141&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:79960607141
SN - 9789881821034
T3 - IMECS 2011 - International MultiConference of Engineers and Computer Scientists 2011
SP - 315
EP - 322
BT - IMECS 2011 - International MultiConference of Engineers and Computer Scientists 2011
T2 - International MultiConference of Engineers and Computer Scientists 2011, IMECS 2011
Y2 - 16 March 2011 through 18 March 2011
ER -