Network traffic screening using frequent sequential patterns

Hisashi Tsuruta, Takayoshi Shoudai, Jun'ichi Takeuchi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Darknet monitoring is very important for understanding various botnet activities for early detection and defense the threats on the Internet caused by the botnets. However, common illegal accesses by ordinary malware make such detection difficult. To remove such accesses by ordinary malware from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns that appear in given traffic data. We applied our method to traffic data observed in the darknet and report the results.

Original languageEnglish
Title of host publicationIntelligent Control and Innovative Computing
Pages363-375
Number of pages13
DOIs
Publication statusPublished - Jan 16 2012
EventInternational Conference on Advances in Intelligent Control and Innovative Computing - Hong Kong, Hong Kong
Duration: Mar 16 2011Mar 18 2011

Publication series

NameLecture Notes in Electrical Engineering
Volume110 LNEE
ISSN (Print)1876-1100
ISSN (Electronic)1876-1119

Other

OtherInternational Conference on Advances in Intelligent Control and Innovative Computing
CountryHong Kong
CityHong Kong
Period3/16/113/18/11

Fingerprint

Screening
Monitoring
Internet
Botnet
Malware

All Science Journal Classification (ASJC) codes

  • Industrial and Manufacturing Engineering

Cite this

Tsuruta, H., Shoudai, T., & Takeuchi, J. (2012). Network traffic screening using frequent sequential patterns. In Intelligent Control and Innovative Computing (pp. 363-375). (Lecture Notes in Electrical Engineering; Vol. 110 LNEE). https://doi.org/10.1007/978-1-4614-1695-1_28

Network traffic screening using frequent sequential patterns. / Tsuruta, Hisashi; Shoudai, Takayoshi; Takeuchi, Jun'ichi.

Intelligent Control and Innovative Computing. 2012. p. 363-375 (Lecture Notes in Electrical Engineering; Vol. 110 LNEE).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Tsuruta, H, Shoudai, T & Takeuchi, J 2012, Network traffic screening using frequent sequential patterns. in Intelligent Control and Innovative Computing. Lecture Notes in Electrical Engineering, vol. 110 LNEE, pp. 363-375, International Conference on Advances in Intelligent Control and Innovative Computing, Hong Kong, Hong Kong, 3/16/11. https://doi.org/10.1007/978-1-4614-1695-1_28
Tsuruta H, Shoudai T, Takeuchi J. Network traffic screening using frequent sequential patterns. In Intelligent Control and Innovative Computing. 2012. p. 363-375. (Lecture Notes in Electrical Engineering). https://doi.org/10.1007/978-1-4614-1695-1_28
Tsuruta, Hisashi ; Shoudai, Takayoshi ; Takeuchi, Jun'ichi. / Network traffic screening using frequent sequential patterns. Intelligent Control and Innovative Computing. 2012. pp. 363-375 (Lecture Notes in Electrical Engineering).
@inproceedings{81198c58bedc4f89861f4c0c879b6127,
title = "Network traffic screening using frequent sequential patterns",
abstract = "Darknet monitoring is very important for understanding various botnet activities for early detection and defense the threats on the Internet caused by the botnets. However, common illegal accesses by ordinary malware make such detection difficult. To remove such accesses by ordinary malware from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns that appear in given traffic data. We applied our method to traffic data observed in the darknet and report the results.",
author = "Hisashi Tsuruta and Takayoshi Shoudai and Jun'ichi Takeuchi",
year = "2012",
month = "1",
day = "16",
doi = "10.1007/978-1-4614-1695-1_28",
language = "English",
isbn = "9781461416944",
series = "Lecture Notes in Electrical Engineering",
pages = "363--375",
booktitle = "Intelligent Control and Innovative Computing",

}

TY - GEN

T1 - Network traffic screening using frequent sequential patterns

AU - Tsuruta, Hisashi

AU - Shoudai, Takayoshi

AU - Takeuchi, Jun'ichi

PY - 2012/1/16

Y1 - 2012/1/16

N2 - Darknet monitoring is very important for understanding various botnet activities for early detection and defense the threats on the Internet caused by the botnets. However, common illegal accesses by ordinary malware make such detection difficult. To remove such accesses by ordinary malware from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns that appear in given traffic data. We applied our method to traffic data observed in the darknet and report the results.

AB - Darknet monitoring is very important for understanding various botnet activities for early detection and defense the threats on the Internet caused by the botnets. However, common illegal accesses by ordinary malware make such detection difficult. To remove such accesses by ordinary malware from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns that appear in given traffic data. We applied our method to traffic data observed in the darknet and report the results.

UR - http://www.scopus.com/inward/record.url?scp=84855646153&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84855646153&partnerID=8YFLogxK

U2 - 10.1007/978-1-4614-1695-1_28

DO - 10.1007/978-1-4614-1695-1_28

M3 - Conference contribution

AN - SCOPUS:84855646153

SN - 9781461416944

T3 - Lecture Notes in Electrical Engineering

SP - 363

EP - 375

BT - Intelligent Control and Innovative Computing

ER -