Library Open Repository
DynamicWEB: A method for reconnaissance activity profiling
Scanlan, J and Hartnett, J and Williams, R (2008) DynamicWEB: A method for reconnaissance activity profiling. In: The 2008 IEEE International Workshop on Cyberspace Safety and Security (CSS2008), 5th December 2008, Sydney, Australia.
css2008.pdf | Request a copy
Full text restricted
Available under University of Tasmania Standard License.
Port scan correlation aims to differentiate between benign and malicious scans. In this paper we will examine a new method of profiling port scan activity in an attempt to link different source IP addresses to being the same end user. A data mining approach DynamicWEB based upon the COBWEB conceptual clustering algorithm is shown along with some preliminary results of it functioning within the context of scan correlation.
|Item Type:||Conference or Workshop Item (Paper)|
|Date Deposited:||14 Jan 2009 00:37|
|Last Modified:||18 Nov 2014 03:54|
|Item Statistics:||View statistics for this item|
Actions (login required)
|Item Control Page|