IP flow data correlation with inference rules

Ci Bin Jiang; Jung-Shian Li

doi:10.4028/www.scientific.net/AMR.403-408.1211

IP flow data correlation with inference rules

Ci Bin Jiang, Jung-Shian Li

Institute of Computer and Communication Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

In recent years, IP flow identification in botnet detection attracts attentions in network security. IP flows associated with bot masters can be used to trace the botnet source. Most botnets suffer a large of IP-based attacks. This paper attempts to explore the correlations between attack behaviors and IP flows. By data collection, sets of functions concerning inference rules and conversion of data format, this paper successfully identifies the botnet attacks by IP flows and the inference patterns. The IP flow-based intrusion detection can efficiently find alert data correlation.

Original language	English
Title of host publication	MEMS, NANO and Smart Systems
Pages	1211-1213
Number of pages	3
DOIs	https://doi.org/10.4028/www.scientific.net/AMR.403-408.1211
Publication status	Published - 2012 Jan 1
Event	2011 7th International Conference on MEMS, NANO and Smart Systems, ICMENS 2011 - Kuala Lumpur, Malaysia Duration: 2011 Nov 4 → 2011 Nov 6

Publication series

Name	Advanced Materials Research
Volume	403-408
ISSN (Print)	1022-6680

Other

Other	2011 7th International Conference on MEMS, NANO and Smart Systems, ICMENS 2011
Country	Malaysia
City	Kuala Lumpur
Period	11-11-04 → 11-11-06

All Science Journal Classification (ASJC) codes

Engineering(all)

Access to Document

10.4028/www.scientific.net/AMR.403-408.1211

Fingerprint Dive into the research topics of 'IP flow data correlation with inference rules'. Together they form a unique fingerprint.

Cite this

Jiang, C. B., & Li, J-S. (2012). IP flow data correlation with inference rules. In MEMS, NANO and Smart Systems (pp. 1211-1213). (Advanced Materials Research; Vol. 403-408). https://doi.org/10.4028/www.scientific.net/AMR.403-408.1211

@inproceedings{724f7abc11d7441ca54696393eb47db5,

title = "IP flow data correlation with inference rules",

abstract = "In recent years, IP flow identification in botnet detection attracts attentions in network security. IP flows associated with bot masters can be used to trace the botnet source. Most botnets suffer a large of IP-based attacks. This paper attempts to explore the correlations between attack behaviors and IP flows. By data collection, sets of functions concerning inference rules and conversion of data format, this paper successfully identifies the botnet attacks by IP flows and the inference patterns. The IP flow-based intrusion detection can efficiently find alert data correlation.",

author = "Jiang, {Ci Bin} and Jung-Shian Li",

year = "2012",

month = jan,

day = "1",

doi = "10.4028/www.scientific.net/AMR.403-408.1211",

language = "English",

isbn = "9783037853122",

series = "Advanced Materials Research",

pages = "1211--1213",

booktitle = "MEMS, NANO and Smart Systems",

note = "2011 7th International Conference on MEMS, NANO and Smart Systems, ICMENS 2011 ; Conference date: 04-11-2011 Through 06-11-2011",

}

TY - GEN

T1 - IP flow data correlation with inference rules

AU - Jiang, Ci Bin

AU - Li, Jung-Shian

PY - 2012/1/1

Y1 - 2012/1/1

N2 - In recent years, IP flow identification in botnet detection attracts attentions in network security. IP flows associated with bot masters can be used to trace the botnet source. Most botnets suffer a large of IP-based attacks. This paper attempts to explore the correlations between attack behaviors and IP flows. By data collection, sets of functions concerning inference rules and conversion of data format, this paper successfully identifies the botnet attacks by IP flows and the inference patterns. The IP flow-based intrusion detection can efficiently find alert data correlation.

AB - In recent years, IP flow identification in botnet detection attracts attentions in network security. IP flows associated with bot masters can be used to trace the botnet source. Most botnets suffer a large of IP-based attacks. This paper attempts to explore the correlations between attack behaviors and IP flows. By data collection, sets of functions concerning inference rules and conversion of data format, this paper successfully identifies the botnet attacks by IP flows and the inference patterns. The IP flow-based intrusion detection can efficiently find alert data correlation.

UR - http://www.scopus.com/inward/record.url?scp=83255161990&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=83255161990&partnerID=8YFLogxK

U2 - 10.4028/www.scientific.net/AMR.403-408.1211

DO - 10.4028/www.scientific.net/AMR.403-408.1211

M3 - Conference contribution

AN - SCOPUS:83255161990

SN - 9783037853122

T3 - Advanced Materials Research

SP - 1211

EP - 1213

BT - MEMS, NANO and Smart Systems

T2 - 2011 7th International Conference on MEMS, NANO and Smart Systems, ICMENS 2011

Y2 - 4 November 2011 through 6 November 2011

ER -