TY - GEN
T1 - Network traffic screening using frequent sequential patterns
AU - Tsuruta, Hisashi
AU - Shoudai, Takayoshi
AU - Takeuchi, Jun'ichi
N1 - Funding Information:
This research is supported by the National Institute of Information and Communications Technology (NICT) of Japan, entitled “Research and Development for Widespread High-speed Incident Analysis”.
PY - 2012
Y1 - 2012
N2 - Darknet monitoring is very important for understanding various botnet activities for early detection and defense the threats on the Internet caused by the botnets. However, common illegal accesses by ordinary malware make such detection difficult. To remove such accesses by ordinary malware from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns that appear in given traffic data. We applied our method to traffic data observed in the darknet and report the results.
AB - Darknet monitoring is very important for understanding various botnet activities for early detection and defense the threats on the Internet caused by the botnets. However, common illegal accesses by ordinary malware make such detection difficult. To remove such accesses by ordinary malware from the results of network monitoring, we propose a data screening method based on finding frequent sequential patterns that appear in given traffic data. We applied our method to traffic data observed in the darknet and report the results.
UR - http://www.scopus.com/inward/record.url?scp=84855646153&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84855646153&partnerID=8YFLogxK
U2 - 10.1007/978-1-4614-1695-1_28
DO - 10.1007/978-1-4614-1695-1_28
M3 - Conference contribution
AN - SCOPUS:84855646153
SN - 9781461416944
T3 - Lecture Notes in Electrical Engineering
SP - 363
EP - 375
BT - Intelligent Control and Innovative Computing
T2 - International Conference on Advances in Intelligent Control and Innovative Computing
Y2 - 16 March 2011 through 18 March 2011
ER -