Research Article
An Improved Method for Anomaly-Based Network Scan Detection
579 downloads
@INPROCEEDINGS{10.1007/978-3-319-28865-9_21, author={Ashton Webster and Margaret Gratian and Ryan Eckenrod and Daven Patel and Michel Cukier}, title={An Improved Method for Anomaly-Based Network Scan Detection}, proceedings={Security and Privacy in Communication Networks. 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers}, proceedings_a={SECURECOMM}, year={2016}, month={2}, keywords={Machine learning Network intrusion detection Anomaly-based detection Network security Scanning}, doi={10.1007/978-3-319-28865-9_21} }- Ashton Webster
Margaret Gratian
Ryan Eckenrod
Daven Patel
Michel Cukier
Year: 2016
An Improved Method for Anomaly-Based Network Scan Detection
SECURECOMM
Springer
DOI: 10.1007/978-3-319-28865-9_21
Abstract
Network scans, a form of network attacker reconnaissance, often preface dangerous attacks. While many anomaly-based network scan detection methods are available, they are rarely implemented in real networks due to high false positive rates and a lack of justification for the chosen attribute sets and machine learning algorithms. In this paper, we propose a new method of scan detection by selecting and testing combinations of attribute sets, machine learning algorithms, and lower bounded data to find a Local Optimal Model.
Copyright © 2015–2024 ICST
