Network traffic screening using frequent sequential patterns

Hisashi Tsuruta; Takayoshi Shoudai; Jun'ichi Takeuchi

doi:10.1007/978-1-4614-1695-1_28

Network traffic screening using frequent sequential patterns

Hisashi Tsuruta, Takayoshi Shoudai, Jun'ichi Takeuchi

Mathematical Informatics

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

Darknet monitoring is very important for understanding various botnet activities for early detection and defense the threats on the Internet caused by the botnets. However, common illegal accesses by ordinary malware make such detection difficult. To remove such accesses by ordinary malware from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns that appear in given traffic data. We applied our method to traffic data observed in the darknet and report the results.

Original language	English
Title of host publication	Intelligent Control and Innovative Computing
Pages	363-375
Number of pages	13
DOIs	https://doi.org/10.1007/978-1-4614-1695-1_28
Publication status	Published - 2012
Event	International Conference on Advances in Intelligent Control and Innovative Computing - Hong Kong, Hong Kong Duration: Mar 16 2011 → Mar 18 2011

Publication series

Name	Lecture Notes in Electrical Engineering
Volume	110 LNEE
ISSN (Print)	1876-1100
ISSN (Electronic)	1876-1119

Other

Other	International Conference on Advances in Intelligent Control and Innovative Computing
Country	Hong Kong
City	Hong Kong
Period	3/16/11 → 3/18/11

All Science Journal Classification (ASJC) codes

Industrial and Manufacturing Engineering

Access to Document

10.1007/978-1-4614-1695-1_28

Fingerprint Dive into the research topics of 'Network traffic screening using frequent sequential patterns'. Together they form a unique fingerprint.

Cite this

Tsuruta, H, Shoudai, T & Takeuchi, J 2012, Network traffic screening using frequent sequential patterns. in Intelligent Control and Innovative Computing. Lecture Notes in Electrical Engineering, vol. 110 LNEE, pp. 363-375, International Conference on Advances in Intelligent Control and Innovative Computing, Hong Kong, Hong Kong, 3/16/11. https://doi.org/10.1007/978-1-4614-1695-1_28

@inproceedings{81198c58bedc4f89861f4c0c879b6127,

title = "Network traffic screening using frequent sequential patterns",

abstract = "Darknet monitoring is very important for understanding various botnet activities for early detection and defense the threats on the Internet caused by the botnets. However, common illegal accesses by ordinary malware make such detection difficult. To remove such accesses by ordinary malware from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns that appear in given traffic data. We applied our method to traffic data observed in the darknet and report the results.",

author = "Hisashi Tsuruta and Takayoshi Shoudai and Jun'ichi Takeuchi",

year = "2012",

doi = "10.1007/978-1-4614-1695-1_28",

language = "English",

isbn = "9781461416944",

series = "Lecture Notes in Electrical Engineering",

pages = "363--375",

booktitle = "Intelligent Control and Innovative Computing",

note = "International Conference on Advances in Intelligent Control and Innovative Computing ; Conference date: 16-03-2011 Through 18-03-2011",

}

TY - GEN

T1 - Network traffic screening using frequent sequential patterns

AU - Tsuruta, Hisashi

AU - Shoudai, Takayoshi

AU - Takeuchi, Jun'ichi

PY - 2012

Y1 - 2012

N2 - Darknet monitoring is very important for understanding various botnet activities for early detection and defense the threats on the Internet caused by the botnets. However, common illegal accesses by ordinary malware make such detection difficult. To remove such accesses by ordinary malware from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns that appear in given traffic data. We applied our method to traffic data observed in the darknet and report the results.

AB - Darknet monitoring is very important for understanding various botnet activities for early detection and defense the threats on the Internet caused by the botnets. However, common illegal accesses by ordinary malware make such detection difficult. To remove such accesses by ordinary malware from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns that appear in given traffic data. We applied our method to traffic data observed in the darknet and report the results.

UR - http://www.scopus.com/inward/record.url?scp=84855646153&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84855646153&partnerID=8YFLogxK

U2 - 10.1007/978-1-4614-1695-1_28

DO - 10.1007/978-1-4614-1695-1_28

M3 - Conference contribution

AN - SCOPUS:84855646153

SN - 9781461416944

T3 - Lecture Notes in Electrical Engineering

SP - 363

EP - 375

BT - Intelligent Control and Innovative Computing

T2 - International Conference on Advances in Intelligent Control and Innovative Computing

Y2 - 16 March 2011 through 18 March 2011

ER -

Network traffic screening using frequent sequential patterns

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Cite this