DynamicWEB: A method for reconnaissance activity profiling
Version 2 2025-01-15, 01:17Version 2 2025-01-15, 01:17
Version 1 2023-05-23, 04:15Version 1 2023-05-23, 04:15
conference contribution
posted on 2025-01-15, 01:17 authored by Joel ScanlanJoel Scanlan, JS Hartnett, RN WilliamsPort scan correlation aims to differentiate between benign and malicious scans. In this paper we will examine a new method of profiling port scan activity in an attempt to link different source IP addresses to being the same end user. A data mining approach DynamicWEB based upon the COBWEB conceptual clustering algorithm is shown along with some preliminary results of it functioning within the context of scan correlation. © 2008 IEEE.
History
Publication title
Proceedings 2008 International Symposium on Parallel and Distributed Processing with Applications (ISPA-08)Volume
2Editors
Werner, BPagination
EJISBN
978-0-7695-3471-8Department/School
Information and Communication Technology, Australian Institute of Health Service Management (AIHSM)Publisher
IEEE Computer Society Conference Publishing Services (CPS)Publication status
- Published
Place of publication
Piscataway, NJEvent title
International Symposium on Parallel and Distributed Processing with Applications (ISPA)Event Venue
Sydney AustraliaDate of Event (Start Date)
2008-12-10Date of Event (End Date)
2008-12-12Socio-economic Objectives
220199 Communication technologies, systems and services not elsewhere classifiedUsage metrics
Categories
Keywords
Licence
Exports
RefWorksRefWorks
BibTeXBibTeX
Ref. managerRef. manager
EndnoteEndnote
DataCiteDataCite
NLMNLM
DCDC