- Title
- Observed correlations of unsolicited network traffic over five distinct IPv4 netblocks
- Creator
- Nkhumeleni, Thiswilondi M, Irwin, Barry V W
- Subject
- To be catalogued
- Date
- 2015
- Type
- text
- Type
- article
- Identifier
- http://hdl.handle.net/10962/430408
- Identifier
- vital:72689
- Identifier
- https://www.academic-bookshop.com/ourshop/prod_3774091-ICCWS-2015-10th-International-Conference-on-Cyber-Warfare-and-Security-Kruger-National-Park-South-Africa-PRINT-ver-ISBN-978191030996.html
- Description
- Using network telescopes to monitor unused IP address space provides a favorable environment for researchers to study and detect malware, denial of service and scanning activities within global IPv4 address space. This research focuses on comparative and correlation analysis of traffic activity across the network of telescope sensors. Analysis is done using data collected over a 12 month period on five network telescopes each with an aperture size of/24, operated in disjoint IPv4 address space. These were considered as two distinct groupings. Time series’ representing time-based traffic activity observed on these sensors was constructed. Using the cross-and auto-correlation methods of time series analysis, moderate correlation of traffic activity was achieved between telescope sensors in each category. Weak to moderate correlation was calculated when comparing category A and category B network telescopes’ datasets. Results were significantly improved by considering TCP traffic separately. Moderate to strong correlation coefficients in each category were calculated when using TCP traffic only. UDP traffic analysis showed weaker correlation between sensors, however the uniformity of ICMP traffic showed correlation of traffic activity across all sensors. The results confirmed the visual observation of traffic relativity in telescope sensors within the same category and quantitatively analyzed the correlation of network telescopes’ traffic activity.
- Format
- 8 pages, pdf
- Language
- English
- Relation
- Proceedings of the10th International Conference on Cyber Warfare and Security, Irwin, B. and Nkhumeleni, T.M., 2015, February. Observed correlations of unsolicited network traffic over five distinct IPv4 netblocks. In Proceedings of the10th International Conference on Cyber Warfare and Security (ICCWS 2015). IGI Global, Hershey, PA (Vol. 17033, pp. 135-43), Proceedings of the10th International Conference on Cyber Warfare and Security volume 2015 number 1 135 143 2015 2048-9870
- Rights
- Publisher
- Rights
- Use of this resource is governed by the terms and conditions of the Academic Conferences and Publishing International Limited Statement (https://www.academic-bookshop.com/)
- Hits: 107
- Visitors: 111
- Downloads: 7
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details | SOURCE1 | Observed correlations of unsolicited network traffic over five distinct IPv4 netblocks.pdf | 594 KB | Adobe Acrobat PDF | View Details |