| Grégr, M.: Portscan detection using NetFlow data, In: Proceedings of the 16th Conference Student EEICT 2010 Volume 5, Brno, CZ, FIT VUT, 2010, p. 229-233, ISBN 978-80-214-4080-7 | | Publication language: | english |
|---|
| Original title: | Portscan detection using NetFlow data |
|---|
| Title (cs): | Detekce skenování pomocí dat NetFlow |
|---|
| Pages: | 229-233 |
|---|
| Proceedings: | Proceedings of the 16th Conference Student EEICT 2010 Volume 5 |
|---|
| Conference: | Student EEICT 2010 |
|---|
| Place: | Brno, CZ |
|---|
| Year: | 2010 |
|---|
| ISBN: | 978-80-214-4080-7 |
|---|
| Publisher: | Faculty of Information Technology BUT |
|---|
| URL: | http://www.feec.vutbr.cz/EEICT/2010/sbornik/03-Doktorske_projekty/09-Pocitacove_systemy/02-xgregr01.pdf [PDF] |
|---|
| Keywords |
|---|
NetFlow, port scan detection, security, decision tree
|
| Annotation |
|---|
Portscan detection methods are usually focused on enterprise networks where the traffic volume is low. Portscan detection on high speed backbone networks has however different requirements. This paper introduces a method for detection of portscans on a university backbone
network using NetFlow data, collected by hardware accelerated NetFlow probes.
|
| Abstract |
|---|
|
| BibTeX: |
|---|
@INPROCEEDINGS{
author = {Matěj Grégr},
title = {Portscan detection using NetFlow data},
pages = {229--233},
booktitle = {Proceedings of the 16th Conference Student EEICT 2010 Volume
5},
year = {2010},
location = {Brno, CZ},
publisher = {Faculty of Information Technology BUT},
ISBN = {978-80-214-4080-7},
language = {english},
url = {http://www.fit.vutbr.cz/research/view_pub.php?id=9339}
} |
|
Faculty of Information Technology