Knowledge discovery from honeypot data for monitoring malicious attacks

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5360 LNAI, Issue , 2008, Pages 470-481

  Jin, Huidong ^a,b   De Vel, Olivier ^c   Zhang, Ke ^a,b   Liu, Nianjun ^a,b  

^a CSIRO   (Australia)

^b AUSTRALIAN NATIONAL UNIVERSITY   (Australia)

^c DEFENCE SCIENCE AND TECHNOLOGY ORGANISATION   (Australia)

Author keywords

Botnet; Density based cluster visualisation; Honeypot data; Internet security; Knowledge discovery; Outlier detection

Indexed keywords

ARTIFICIAL INTELLIGENCE; BIONICS; CLUSTERING ALGORITHMS; COMPUTER CRIME; INTERNET; VISUALIZATION;

BOTNET; DENSITY-BASED CLUSTER VISUALISATION; HONEYPOT DATA; INTERNET SECURITY; KNOWLEDGE DISCOVERY; OUTLIER DETECTION;

KNOWLEDGE BASED SYSTEMS;

EID: 58349122750     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-540-89378-3_48     Document Type: Conference Paper

References (13)

1. Barford, P., Yegneswaran, V.: An inside look at botnets. In: Book Series Advances in Information Security: Malware Detection, Part III, vol. 27, pp. 171-191 (2007)
2. The Honeynet Project (ed.): Know Your Enemy: Learning about Security Threats, 2nd edn. Addison Wesley Professional, Reading (May 2004)
3. Provos, N., Holz, T.: Virtual Honeypots: From Botnet Tracking to Intrusion Detection. Addison-Wesley Professional, Reading (2007)
4. Pouget, F., Dacier, M., Zimmerman, J., Clark, A., Mohay, G.: Internet attack knowledge discovery via clusters and cliques of attack traces. Journal of Information Assurance and Security 1, 21-32 (2006)
5. Grizzard, J.B., Sharma, V., Nunnery, C., Kang, B.B., Dagon, D.: Peer-to-peer botnets: Overview and case study. In: HotBots 2007 (April 2007) Paper No. 1
6. Nazario, J.: Botnet tracking: Tools, techniques, and lessons learned (2007) (accessed November 14, 2007), http://www.blackhat.com/presentations/bh- dc-07/Nazario/Paper/bh-dc-07-Nazario-WP.pdf
7. Ankerst, M., Breunig, M.M., Kriegel, H.P., Sander, J.: OPTICS: ordering points to identify the clustering structure. In: SIGMOD 1999, pp. 49-60 (1999)
8. Han, J., Kamber, M.: Data Mining: Concepts and Techniques, 2nd edn. Morgan Kaufmann Publishers, San Francisco (March 2006)
9. Jin, H., Wong, M.L., Leung, K.S.: Scalable model-based clustering for large data-bases based on data summarization. IEEE Transactions on Pattern Analysis and Machine Intelligence 27(11), 1710-1719 (2005)
10. Ramaswamy, S., Rastogi, R., Shim, K.: Efficient algorithms for mining outliers from large data sets. In: SIGMOD 2000, pp. 427-438 (2000)
11. Breunig, M.M., Kriegel, H.P., Ng, R.T., Sander, J.: LOF: identifying density-based local outliers. In: SIGMOD 2000, pp. 93-104 (2000)
12. Lazarevic, A., Ertöz, L., Kumar, V., Ozgur, A., Srivastava, J.: A comparative study of anomaly detection schemes in network intrusion detection. In: SDM 2003 (2003)
13. Lee, W., Stolfo, S.J.: Data mining approaches for intrusion detection. In: USENIX SSYM 1998, p. 6 (1998)