- Title
- An Analysis of Network Scanning Traffic as it relates to Scan-Detection in Network Intrusion Detection Systems
- Creator
- Barnett, Richard J
- Creator
- Irwin, Barry V W
- Date Issued
- 2008
- Date
- 2008
- Type
- text
- Type
- article
- Identifier
- http://hdl.handle.net/10962/428156
- Identifier
- vital:72490
- Identifier
- https://www.researchgate.net/profile/Barry-Ir-win/publication/326225058_An_Analysis_of_Network_Scanning_Traffic_as_it_relates_to_Scan-Detec-tion_in_Network_Intrusion_Detection_Systems/links/5b3f21eaa6fdcc8506ffe659/An-Analysis-of-Network-Scanning-Traffic-as-it-relates-to-Scan-Detection-in-Network-Intrusion-Detection-Systems.pdf
- Description
- Network Intrusion Detection is, in a modern network, a useful tool to de-tect a wide variety of malicious traffic. The ever present prevalence of scanning activity on the Internet is fair justification to warrant scan de-tection as a component of network intrusion detection. Whilst current systems are able to perform scan-detection, the methods they use are often flawed and exhibit an inability to detect scans in an efficient and scalable manner. Existing research by van Riel and Irwin has illustrated a number of flaws present in the open source systems Snort and Bro. This paper builds on this by describing current research at Rhodes Uni-versity in which these flaws are being addressed. In particular, this re-search will address the flaws in the scan-detection engines in Snort and Bro by developing new plug-ins for these systems which take into con-sideration the improvements which are identified over the course of the research.
- Format
- 2 pages
- Format
- Language
- English
- Relation
- Proceedings of Southern African Telecommunication Networks and Applications Conference (SATNAC)
- Relation
- Barnett, R.J. and Irwin, B., 2008. An Analysis of Network Scanning Traffic as it relates to Scan-Detection in Network Intrusion Detection Systems. In Southern Africa Telecommunication Networks and Applications Conference (SATNAC)
- Relation
- Proceedings of Southern African Telecommunication Networks and Applications Conference (SATNAC) volume 2008 number 1 1 2 2008 Conference
- Rights
- Publisher
- Rights
- Use of this resource is governed by the terms and conditions of the Southern Africa Telecommunication Networks and Applications Conference (SA TNAC) Statement (https://www.satnac.org.za/)
- Hits: 80
- Visitors: 85
- Downloads: 7
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details Download | SOURCE1 | An Analysis of Network Scanning Traffic as it relates to Scan-Detection in Network Intrusion Detection Systems.pdf | 126 KB | Adobe Acrobat PDF | View Details Download |