Library Open Repository

DynamicWEB: A method for reconnaissance activity profiling

Downloads

Downloads per month over past year

Scanlan, J and Hartnett, J and Williams, R (2008) DynamicWEB: A method for reconnaissance activity profiling. In: The 2008 IEEE International Workshop on Cyberspace Safety and Security (CSS2008), 5th December 2008, Sydney, Australia.

[img] PDF
css2008.pdf | Request a copy
Full text restricted
Available under University of Tasmania Standard License.

Abstract

Port scan correlation aims to differentiate between benign and malicious scans. In this paper we will examine a new method of profiling port scan activity in an attempt to link different source IP addresses to being the same end user. A data mining approach DynamicWEB based upon the COBWEB conceptual clustering algorithm is shown along with some preliminary results of it functioning within the context of scan correlation.

Item Type: Conference or Workshop Item (Paper)
Date Deposited: 14 Jan 2009 00:37
Last Modified: 18 Nov 2014 03:54
URI: http://eprints.utas.edu.au/id/eprint/8206
Item Statistics: View statistics for this item

Repository Staff Only (login required)

Item Control Page Item Control Page