Internet Observation with ISDAS: How Long Does a Worm Perform Scanning?
暂无分享,去创建一个
We study an estimation of average duration of malicious port-scanning attempts, which would help for an analysis the statistical survey of malicious behaviors and an application to estimate activity of worms spread. This paper reports an average duration of worm activity estimated from random sampling of statistical data actually observed by the Internet Scan Data System, ISDAS.
[1] Abhishek Kumar,et al. Exploiting Underlying Structure for Detailed Reconstruction of an Internet-scale Event , 2005, Internet Measurement Conference.
[2] Masato Terada,et al. How Many Malicious Scanners Are in the Internet? , 2006, WISA.
[3] Hari Balakrishnan,et al. Fast portscan detection using sequential hypothesis testing , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.