Please use this identifier to cite or link to this item:
http://hdl.handle.net/10773/13676
Title: | Identification of source applications for enhanced traffic analysis and anomaly detection |
Author: | Zúquete, A. Rocha, M. |
Issue Date: | Jun-2012 |
Publisher: | IEEE |
Abstract: | This article presents an architecture for managing the identification of applications responsible for generating traffic in a network. The identification is to be explored by network auditing systems, which cooperate with surveyed systems to get the relevant information about the source applications. The ultimate goal of the system is to provide network auditors, such as NIDS, enough information about the exact sources of network traffic. This way, auditors are able to detect unauthorized applications or to detect anomalies in the traffic created by known applications, possibly as a consequence of the action of some malware in the source application or host. |
Peer review: | yes |
URI: | http://hdl.handle.net/10773/13676 |
DOI: | 10.1109/ICC.2012.6364951 |
ISBN: | 978-1-4577-2052-9 |
ISSN: | 1550-3607 |
Appears in Collections: | DETI - Comunicações |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
2012-06-Identification of Source Applications for Enhanced Traffic Analysis and Anomaly Detection.pdf | Main article | 224.82 kB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.