Tracing sources of anonymous slow suspicious activities

Harsha K. Kalutarage, Siraj A. Shaikh, Qin Zhou, Anne E. James

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

Tracing down anonymous slow attackers creates a number of challenges in network security. Simply analysing all traffic is not feasible. By aggregating information of a large volume of events, it is possible to build a clear set of benchmarks of what should be considered as normal over an extended period of time and hence to identify anomalies. This paper provides an anomaly-based method for tracing down sources of slow suspicious activities in cyberspace. We present the theoretical account of our approach and experimental results.

Original language: English
Title of host publication: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Pages: 122-134
Number of pages: 13
Volume: 7873 LNCS
DOI: https://doi.org/10.1007/978-3-642-38631-2_10
Publication status: Published - 2013
Externally published: Yes
Event: 7th International Conference on Network and System Security, NSS 2013 - Madrid, Spain
Duration: 03 Jun 2013 to 04 Jun 2013

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 7873 LNCS
ISSN (Print): 03029743
ISSN (Electronic): 16113349

Conference

Conference: 7th International Conference on Network and System Security, NSS 2013
Country: Spain
City: Madrid
Period: 03/06/2013 to 04/06/2013

Fingerprint

Network security
Tracing
Anomaly
Period of time
Traffic
Benchmark
Experimental Results

Cite this

Kalutarage, H. K., Shaikh, S. A., Zhou, Q., & James, A. E. (2013). Tracing sources of anonymous slow suspicious activities. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7873 LNCS, pp. 122-134). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7873 LNCS). https://doi.org/10.1007/978-3-642-38631-2_10
@inproceedings{d71a926525d14ab6897fc832e799e954,
title = "Tracing sources of anonymous slow suspicious activities",
abstract = "Tracing down anonymous slow attackers creates a number of challenges in network security. Simply analysing all traffic is not feasible. By aggregating information of a large volume of events, it is possible to build a clear set of benchmarks of what should be considered as normal over an extended period of time and hence to identify anomalies. This paper provides an anomaly-based method for tracing down sources of slow suspicious activities in cyberspace. We present the theoretical account of our approach and experimental results.",
author = "Kalutarage, {Harsha K.} and Shaikh, {Siraj A.} and Zhou, Qin and James, {Anne E.}",
year = "2013",
doi = "10.1007/978-3-642-38631-2_10",
language = "English",
isbn = "9783642386305",
volume = "7873 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "122--134",
booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"
}


TY - GEN
T1 - Tracing sources of anonymous slow suspicious activities
AU - Kalutarage, Harsha K.
AU - Shaikh, Siraj A.
AU - Zhou, Qin
AU - James, Anne E.
PY - 2013
Y1 - 2013
AB - Tracing down anonymous slow attackers creates a number of challenges in network security. Simply analysing all traffic is not feasible. By aggregating information of a large volume of events, it is possible to build a clear set of benchmarks of what should be considered as normal over an extended period of time and hence to identify anomalies. This paper provides an anomaly-based method for tracing down sources of slow suspicious activities in cyberspace. We present the theoretical account of our approach and experimental results.
UR - http://www.scopus.com/inward/record.url?scp=84883379534&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-38631-2_10
DO - 10.1007/978-3-642-38631-2_10
M3 - Conference contribution
AN - SCOPUS:84883379534
SN - 9783642386305
VL - 7873 LNCS
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 122
EP - 134
BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ER -
