University of Tasmania
Browse

DynamicWEB: A method for reconnaissance activity profiling

Download (404.09 kB)
Version 2 2025-01-15, 01:17
Version 1 2023-05-23, 04:15
conference contribution
posted on 2025-01-15, 01:17 authored by Joel ScanlanJoel Scanlan, JS Hartnett, RN Williams
Port scan correlation aims to differentiate between benign and malicious scans. In this paper we will examine a new method of profiling port scan activity in an attempt to link different source IP addresses to being the same end user. A data mining approach DynamicWEB based upon the COBWEB conceptual clustering algorithm is shown along with some preliminary results of it functioning within the context of scan correlation. © 2008 IEEE.

History

Publication title

Proceedings 2008 International Symposium on Parallel and Distributed Processing with Applications (ISPA-08)

Volume

2

Editors

Werner, B

Pagination

EJ

ISBN

978-0-7695-3471-8

Department/School

Information and Communication Technology, Australian Institute of Health Service Management (AIHSM)

Publisher

IEEE Computer Society Conference Publishing Services (CPS)

Publication status

  • Published

Place of publication

Piscataway, NJ

Event title

International Symposium on Parallel and Distributed Processing with Applications (ISPA)

Event Venue

Sydney Australia

Date of Event (Start Date)

2008-12-10

Date of Event (End Date)

2008-12-12

Socio-economic Objectives

220199 Communication technologies, systems and services not elsewhere classified

Usage metrics

    University Of Tasmania

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC