SCOPUS 정보 검색 플랫폼

IEEE Transactions on Information Forensics and Security

Volumn 6, Issue 1, 2011, Pages 175-188

Towards situational awareness of large-scale botnet probing events

(4) Li, Zhichun a Goyal, Anup b Chen, Yan c Paxson, Vern d

a NEC LABORATORIES AMERICA (United States)

b YAHOO RESEARCH (United States)

c Northwestern University (United States)

d UNIVERSITY OF CALIFORNIA (United States)

Author keywords

Botnet; computer network security; global property extrapolation; honeynet; scan strategy inference; site security monitoring; situational awareness; statistical inference

Indexed keywords

BOTNET; GLOBAL PROPERTIES; HONEYNET; SCAN STRATEGY INFERENCE; SITE SECURITY MONITORING; SITUATIONAL AWARENESS; STATISTICAL INFERENCE;

EXTRAPOLATION; INTERNET; PROBES; SCANNING; STATISTICAL METHODS;

NETWORK SECURITY;

EID: 79951817047 PISSN: 15566013 EISSN: None Source Type: Journal
DOI: 10.1109/TIFS.2010.2086445 Document Type: Article

Times cited : (52)

References (28)

1
- 79951838415
- [Online]. Available
- Adrian Lamo Charged With Computer Crimes [Online]. Available: http://www.securityfocus.com/news/6888
- Adrian Lamo Charged with Computer Crimes

2
- 14944369649
- Characteristics of internet background radiation
- R. Pang, V. Yegneswaran, P. Barford, V. Paxson, and L. Peterson, "Characteristics of internet background radiation," in Proc. ACM IMC, Taormina, Sicily, Italy, 2004.
- (2004) Proc. ACM IMC, Taormina, Sicily, Italy
- Pang, R.¹ Yegneswaran, V.² Barford, P.³ Paxson, V.⁴ Peterson, L.⁵

3
- 85093822270
- A case study of the rustock rootkit and spam bot
- K. Chiang and L. Lloyd, "A case study of the rustock rootkit and spam bot," in Proc. USENIX Hot Bots, Atlanta, GA, 2007.
- (2007) Proc. USENIX Hot Bots, Atlanta, GA
- Chiang, K.¹ Lloyd, L.²

4
- 34547399387
- A multifaceted approach to understanding the botnet phenomenon
- M. Rajab, J. Zarfoss, F. Monrose, and A. Terzis, "A multifaceted approach to understanding the botnet phenomenon," in Proc. ACM IMC, Rio de Janeiro, Brazil, 2006.
- (2006) Proc. ACM IMC, Rio de Janeiro, Brazil
- Rajab, M.¹ Zarfoss, J.² Monrose, F.³ Terzis, A.⁴

5
- 36149000473
- SANS Institute [Online]. Available
- SANS Institute, Dshield.org: Distributed Intrusion Detection System [Online]. Available: http://www.dshield.org/
- Dshield.org: Distributed Intrusion Detection System

6
- 85084163190
- A virtual honeypot framework
- N. Provos, "A virtual honeypot framework," in Proc. USENIXSecurity, San Diego, CA, 2004.
- (2004) Proc. USENIXSecurity, San Diego, CA
- Provos, N.¹

7
- 26844548971
- [Online] Available
- P. Bacher, T. Holz, M. Kotter, and G. Wicherski, Know Your Enemy: Tracking Botnets [Online]. Available: http://www.honeynet.org/papers/bots
- Know Your Enemy: Tracking Botnets
- Bacher, P.¹ Holz, T.² Kotter, M.³ Wicherski, G.⁴

8
- 34547427252
- Semi-automated discovery of application session structure
- J. Kannan et al., "Semi-automated discovery of application session structure," in Proc. ACM IMC, Rio de Janeiro, Brazil, 2006.
- (2006) Proc. ACM IMC, Rio de Janeiro, Brazil
- Kannan, J.¹

9
- 69849109516
- Using honeynets for internet situational awareness
- V. Yegneswaran, P. Barford, and V. Paxson, "Using honeynets for internet situational awareness," in Proc. ACM Hotnets IV, College Park, MD, 2005.
- (2005) Proc. ACM Hotnets IV, College Park, MD
- Yegneswaran, V.¹ Barford, P.² Paxson, V.³

10
- 77953328281
- Measurement and diagnosis of address-misconfigured P2P traffic
- Z. Li, A. Goyal, Y. Chen, and A. Kuzmanovic, "Measurement and diagnosis of address-misconfigured P2P traffic," in Proc. IEEE INFOCOM, San Diego, CA, 2010.
- (2010) Proc. IEEE INFOCOM, San Diego, CA
- Li, Z.¹ Goyal, A.² Chen, Y.³ Kuzmanovic, A.⁴

11
- 16344396406
- Monitoring and early warning for internet worms
- C. C. Zou et al., "Monitoring and early warning for internet worms," in Prof. ACM CCS, Washington, DC, 2003.
- (2003) Prof. ACM CCS, Washington, DC
- Zou, C.C.¹

12
- 34547417246
- An Inside Look at Botnets, ser
- New York: Springer
- P. Barford and V. Yegneswaran, An Inside Look at Botnets, ser. In Series: Advances in Information Security. New York: Springer, 2006.
- (2006) Series: Advances in Information Security
- Barford, P.¹ Yegneswaran, V.²

13
- 85084162258
- How to own the internet in your spare time
- S. Staniford et al., "How to own the internet in your spare time," in Proc. USENIX Security, San Francisco, CA, 2002.
- (2002) Proc. USENIX Security, San Francisco, CA
- Staniford, S.¹

14
- 0003882111
- London U.K.: Griffin
- M. G. Kendall, Rank Correlation Methods. London, U.K.: Griffin, 1976.
- (1976) Rank Correlation Methods
- Kendall, M.G.¹

15
- 0003516768
- Belmont CA: Duxbury Press
- J. A. Rice, Mathematical Statistics and Data Analysis. Belmont, CA: Duxbury Press, 1994.
- (1994) Mathematical Statistics and Data Analysis
- Rice, J.A.¹

16
- 14544269664
- [Online] Available
- W. E. Weisstein, Stirling Number of the Second Kind [Online]. Available: http://mathworld.wolfram.com/StirlingNumberoftheSecondKind.html
- Stirling Number of the Second Kind
- Weisstein, W.E.¹

17
- 85058835823
- Mapping internet sensors with probe response attacks
- Baltimore, MD
- J. Bethencourt, J. Franklin, and M. Vernon, "Mapping internet sensors with probe response attacks," in Proc. USENIX Security, Baltimore, MD, 2005.
- (2005) Proc. USENIX Security
- Bethencourt, J.¹ Franklin, J.² Vernon, M.³

18
- 79951824148
- Tech. Rep. TR1577
- J. Cai, V. Yesneswaran, C. Alfeld, and P. Barfard, Honeynets and Honeygames: A Game Theoretic Approach to Defending Network Monitors University ofWiscconsin, Tech. Rep. TR1577, 2006.
- (2006) Honeynets and Honeygames: A Game Theoretic Approach to Defending Network Monitors University OfWiscconsin
- Cai, J.¹ Yesneswaran, V.² Alfeld, C.³ Barfard, P.⁴

19
- 79951842874
- [Online] Available
- OS Platform Statistics by W3school [Online]. Available: http://www. w3schools.com/browsers/browsers-stats.asp
- OS Platform Statistics by W3school

20
- 79951819194
- [Online] Available
- AP Market Sharing [Online]. Available: http://news.com.com/Microsofts+Wi- Fi+ups+and+downs/2100-1039-3-994518
- AP Market Sharing

21
- 79951847209
- A technique for counting NATted hosts
- S. Bellovin et al., "A technique for counting NATted hosts," in Proc. USENIX/ACM IMW, Marseille, France, 2002.
- (2002) Proc. USENIX/ACM IMW, Marseille, France
- Bellovin, S.¹

22
- 79951832178
- [Online] Available
- Net-Worm.Win32Allaple.a [Online]. Available: http://www.viruslist. com/en/viruses/encyclopedia?virusid=145521
- Net-Worm.Win32Allaple.a

23
- 77952395048
- Automating analysis of large-scale botnet probing events
- Z. Li, A. Goyal, Y. Chen, and V. Paxson, "Automating analysis of large-scale botnet probing events," in Proc. ACM Asia CCS, Sydney, Australia, 2009.
- (2009) Proc. ACM Asia CCS, Sydney, Australia
- Li, Z.¹ Goyal, A.² Chen, Y.³ Paxson, V.⁴

24
- 79960561313
- Collaborating against common enemies
- S. Katti, B. Krishnamurhy, and D. Katabi, "Collaborating against common enemies," in Proc. ACMIMC, Berkeley, CA, 2005.
- (2005) Proc. ACMIMC, Berkeley, CA
- Katti, S.¹ Krishnamurhy, B.² Katabi, D.³

25
- 79951834025
- [Online] Available
- Honey Bow Sensor [Online]. Available: http://honeybow.mwcollect.org
- Honey Bow Sensor

26
- 79951840412
- [Online] Available
- Honeysnap [Online]. Available: http://www.honeynet.org/tools/honeysnap/ index.html
- Honeysnap

27
- 0742276097
- Inside the slammer worm
- D. Moore et al., "Inside the slammer worm," IEEE Security Privacy Mag., vol. 1, no. 4, pp. 33-39, 2003.
- (2003) IEEE Security Privacy Mag. , vol.1 , Issue.4 , pp. 33-39
- Moore, D.¹

28
- 84878701299
- Exploiting underlying structure for detailed reconstruction of an internet scale event
- A. Kumar, V. Paxson, and N. Weaver, "Exploiting underlying structure for detailed reconstruction of an internet scale event," in Proc. ACM IMC, Berkeley, CA, 2005.
- (2005) Proc. ACM IMC, Berkeley, CA
- Kumar, A.¹ Paxson, V.² Weaver, N.³

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.