Characterizing network flows for detecting DNS, NTP, and SNMP anomalies


Abstract

Network security can never be fully assured, as new attacks are reported every day. Characterizing such new attacks is a challenging task. For detecting anomalies based on specific services, it is desirable to find characteristic features for those service-specific anomalies. In this paper, real-time flow-based network traffic captured from a university campus is studied to determine whether traditional volume-based analysis of aggregated flows and service-specific aggregated flows is useful in detecting service-specific anomalies. Two existing techniques are also evaluated to find characteristic features of these anomalies. The service-specific anomalies considered in this paper are DNS, NTP, and SNMP.

Sharma, R., Guleria, A., & Singla, R. K. (2018). Characterizing network flows for detecting DNS, NTP, and SNMP anomalies. In Advances in Intelligent Systems and Computing (Vol. 673, pp. 327–340). Springer Verlag. https://doi.org/10.1007/978-981-10-7245-1_33
