TY - GEN
T1 - IP flow data correlation with inference rules
AU - Jiang, Ci Bin
AU - Li, Jung Shian
N1 - Copyright:
Copyright 2011 Elsevier B.V., All rights reserved.
PY - 2012
Y1 - 2012
N2 - In recent years, IP flow identification in botnet detection has attracted attention in network security. IP flows associated with bot masters can be used to trace the botnet source. Most botnets suffer a large number of IP-based attacks. This paper attempts to explore the correlations between attack behaviors and IP flows. Through data collection and sets of functions concerning inference rules and data format conversion, this paper successfully identifies botnet attacks from the IP flows and the inference patterns. IP flow-based intrusion detection can efficiently find alert data correlation.
AB - In recent years, IP flow identification in botnet detection has attracted attention in network security. IP flows associated with bot masters can be used to trace the botnet source. Most botnets suffer a large number of IP-based attacks. This paper attempts to explore the correlations between attack behaviors and IP flows. Through data collection and sets of functions concerning inference rules and data format conversion, this paper successfully identifies botnet attacks from the IP flows and the inference patterns. IP flow-based intrusion detection can efficiently find alert data correlation.
UR - http://www.scopus.com/inward/record.url?scp=83255161990&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=83255161990&partnerID=8YFLogxK
U2 - 10.4028/www.scientific.net/AMR.403-408.1211
DO - 10.4028/www.scientific.net/AMR.403-408.1211
M3 - Conference contribution
AN - SCOPUS:83255161990
SN - 9783037853122
T3 - Advanced Materials Research
SP - 1211
EP - 1213
BT - MEMS, NANO and Smart Systems
T2 - 2011 7th International Conference on MEMS, NANO and Smart Systems, ICMENS 2011
Y2 - 4 November 2011 through 6 November 2011
ER -