- Title
- Inetvis: a graphical aid for the detection and visualisation of network scans
- Creator
- Irwin, Barry V W
- Creator
- van Riel, Jean-Pierre
- Subject
- To be catalogued
- Date Issued
- 2007
- Date
- 2007
- Type
- text
- Type
- article
- Identifier
- http://hdl.handle.net/10962/430381
- Identifier
- vital:72687
- Identifier
- https://www.cs.ru.ac.za/research/g02V2468/publications/Irwin-VizSEC2007_draft.pdf
- Description
- This paper presents an investigative analysis of network scans and scan detection algorithms. Visualisation is employed to review network telescope traffic and identify incidents of scan activity. Some of the identified phenomena appear to be novel forms of host discovery. The scan detection algorithms of Snort and Bro are critiqued by comparing the visualised scans with alert output. Where human assessment disagrees with the alert output, explanations are sought after by analysing the detection algorithms. The algorithms of the Snort and Bro intrusion detection systems are based on counting unique connection attempts to destination addresses and ports. For Snort, notable false positive and false negative cases result due to a grossly oversimplified method of counting unique destination addresses and ports.
- Format
- 17 pages
- Format
- Language
- English
- Relation
- Conference on Vizualisation Security
- Relation
- Irwin, B. and van Riel, J.P., 2007, October. Inetvis: a graphical aid for the detection and visualisation of network scans. In Conference on Vizualisation Security (VizSec2007)
- Relation
- Conference on Vizualisation Security, volume 2007, number 1, pages 1-17, 2007, ISBN 978-3642096884
- Rights
- Publisher
- Rights
- Use of this resource is governed by the terms and conditions of the Conference on Vizualisation Security (VizSec2007) Statement (https://www.amazon.com/VizSEC-2007-Proceedings-Visualization-Mathematics/dp/3642096883)
File | Description | Size | Format
---|---|---|---
SOURCE1 | Inetvis.pdf | 1 MB | Adobe Acrobat PDF