Tracing sources of anonymous slow suspicious activities

Harsha K. Kalutarage; Siraj A. Shaikh; Qin Zhou; Anne E. James

doi:10.1007/978-3-642-38631-2_10

Tracing sources of anonymous slow suspicious activities

Harsha K. Kalutarage, Siraj A. Shaikh, Qin Zhou, Anne E. James

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

Tracing down anonymous slow attackers creates number of challenges in network security. Simply analysing all traffic is not feasible. By aggregating information of large volume of events, it is possible to build a clear set of benchmarks of what should be considered as normal over extended period of time and hence to identify anomalies. This paper provides an anomaly based method for tracing down sources of slow suspicious activities in Cyber space. We present the theoretical account of our approach and experimental results.

Original language	English
Title of host publication	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Pages	122-134
Number of pages	13
Volume	7873 LNCS
DOIs	https://doi.org/10.1007/978-3-642-38631-2_10
Publication status	Published - 2013
Externally published	Yes
Event	7th International Conference on Network and System Security, NSS 2013 - Madrid, Spain Duration: 03 Jun 2013 → 04 Jun 2013

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	7873 LNCS
ISSN (Print)	03029743
ISSN (Electronic)	16113349

Conference

Conference	7th International Conference on Network and System Security, NSS 2013
Country/Territory	Spain
City	Madrid
Period	03/06/2013 → 04/06/2013

ASJC Scopus subject areas

Computer Science(all)
Theoretical Computer Science

Access to Document

10.1007/978-3-642-38631-2_10

Cite this

Kalutarage, H. K., Shaikh, S. A., Zhou, Q., & James, A. E. (2013). Tracing sources of anonymous slow suspicious activities. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7873 LNCS, pp. 122-134). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7873 LNCS). https://doi.org/10.1007/978-3-642-38631-2_10

Kalutarage, Harsha K. ; Shaikh, Siraj A. ; Zhou, Qin et al. / Tracing sources of anonymous slow suspicious activities. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 7873 LNCS 2013. pp. 122-134 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{d71a926525d14ab6897fc832e799e954,

title = "Tracing sources of anonymous slow suspicious activities",

abstract = "Tracing down anonymous slow attackers creates number of challenges in network security. Simply analysing all traffic is not feasible. By aggregating information of large volume of events, it is possible to build a clear set of benchmarks of what should be considered as normal over extended period of time and hence to identify anomalies. This paper provides an anomaly based method for tracing down sources of slow suspicious activities in Cyber space. We present the theoretical account of our approach and experimental results.",

author = "Kalutarage, {Harsha K.} and Shaikh, {Siraj A.} and Qin Zhou and James, {Anne E.}",

year = "2013",

doi = "10.1007/978-3-642-38631-2_10",

language = "English",

isbn = "9783642386305",

volume = "7873 LNCS",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "122--134",

booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

note = "7th International Conference on Network and System Security, NSS 2013 ; Conference date: 03-06-2013 Through 04-06-2013",

}

Kalutarage, HK, Shaikh, SA, Zhou, Q & James, AE 2013, Tracing sources of anonymous slow suspicious activities. in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). vol. 7873 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 7873 LNCS, pp. 122-134, 7th International Conference on Network and System Security, NSS 2013, Madrid, Spain, 03/06/2013. https://doi.org/10.1007/978-3-642-38631-2_10

Tracing sources of anonymous slow suspicious activities. / Kalutarage, Harsha K.; Shaikh, Siraj A.; Zhou, Qin et al.

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 7873 LNCS 2013. p. 122-134 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7873 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Tracing sources of anonymous slow suspicious activities

AU - Kalutarage, Harsha K.

AU - Shaikh, Siraj A.

AU - Zhou, Qin

AU - James, Anne E.

PY - 2013

Y1 - 2013

N2 - Tracing down anonymous slow attackers creates number of challenges in network security. Simply analysing all traffic is not feasible. By aggregating information of large volume of events, it is possible to build a clear set of benchmarks of what should be considered as normal over extended period of time and hence to identify anomalies. This paper provides an anomaly based method for tracing down sources of slow suspicious activities in Cyber space. We present the theoretical account of our approach and experimental results.

AB - Tracing down anonymous slow attackers creates number of challenges in network security. Simply analysing all traffic is not feasible. By aggregating information of large volume of events, it is possible to build a clear set of benchmarks of what should be considered as normal over extended period of time and hence to identify anomalies. This paper provides an anomaly based method for tracing down sources of slow suspicious activities in Cyber space. We present the theoretical account of our approach and experimental results.

UR - http://www.scopus.com/inward/record.url?scp=84883379534&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-38631-2_10

DO - 10.1007/978-3-642-38631-2_10

M3 - Conference contribution

AN - SCOPUS:84883379534

SN - 9783642386305

VL - 7873 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 122

EP - 134

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

T2 - 7th International Conference on Network and System Security, NSS 2013

Y2 - 3 June 2013 through 4 June 2013

ER -

Kalutarage HK, Shaikh SA, Zhou Q, James AE. Tracing sources of anonymous slow suspicious activities. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 7873 LNCS. 2013. p. 122-134. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-38631-2_10

Tracing sources of anonymous slow suspicious activities

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this