International audienceWe propose in this paper an on-line algorithm based on Bloom filters to detect port scan attacks in IP traffic. Only relevant information about destination IP addresses and destination ports are stored in two steps in a two-dimensional Bloom filter. This algorithm can be indefinitely performed on a real traffic stream thanks to a new adaptive refreshing scheme that closely follows traffic variations. It is a scalable algorithm able to deal with IP traffic at a very high bit rate thanks to the use of hashing functions over a sliding window. Moreover it does not need any a priori knowledge about traffic characteristics. When tested against real IP traffic, the proposed on-line algorithm performs well in the sense that it...
This thesis is a contribution to the field of Internet traffic analysis at the flow level. For traff...
Abstract — Today, the Internet is an essential part of everyday life and many important and crucial ...
We propose a novel and efficient method for on-line detection of network anomalies that lead to chan...
We propose in this paper an on-line algorithm based on Bloom filters for identifying large flows in ...
Port scanning is prevalent in today’s Internet and often has malicious intent. Although many algo-ri...
Considerable research has been done on detecting and block-ing portscan activities that are typicall...
Port scans are continuously used by both worms and human attackers to probe for vulnerabilities in I...
In this paper, we present the design and implementation of a new approach for anomaly detection and ...
In this thesis, I present the method to efficiently detect TCP port scans in very high-speed links. ...
Network security is more and more important today. Port and net scan are the typical preliminary ste...
ENGLISH: Today’s society relies on computer networks. More and more data of vital importance are tra...
Currently, IP networks are constantly harmed by several attack techniques such as port scans, denial...
Standard pattern-matching methods used for deep packet inspection and network security can be evaded...
Frequently, port scans are early indicators of more serious attacks. Unfortunately, the detection of...
Frequently, port scans are early indicators of more serious attacks. Unfortunately, the detection of...
This thesis is a contribution to the field of Internet traffic analysis at the flow level. For traff...
Abstract — Today, the Internet is an essential part of everyday life and many important and crucial ...
We propose a novel and efficient method for on-line detection of network anomalies that lead to chan...
We propose in this paper an on-line algorithm based on Bloom filters for identifying large flows in ...
Port scanning is prevalent in today’s Internet and often has malicious intent. Although many algo-ri...
Considerable research has been done on detecting and block-ing portscan activities that are typicall...
Port scans are continuously used by both worms and human attackers to probe for vulnerabilities in I...
In this paper, we present the design and implementation of a new approach for anomaly detection and ...
In this thesis, I present the method to efficiently detect TCP port scans in very high-speed links. ...
Network security is more and more important today. Port and net scan are the typical preliminary ste...
ENGLISH: Today’s society relies on computer networks. More and more data of vital importance are tra...
Currently, IP networks are constantly harmed by several attack techniques such as port scans, denial...
Standard pattern-matching methods used for deep packet inspection and network security can be evaded...
Frequently, port scans are early indicators of more serious attacks. Unfortunately, the detection of...
Frequently, port scans are early indicators of more serious attacks. Unfortunately, the detection of...
This thesis is a contribution to the field of Internet traffic analysis at the flow level. For traff...
Abstract — Today, the Internet is an essential part of everyday life and many important and crucial ...
We propose a novel and efficient method for on-line detection of network anomalies that lead to chan...