Presentation is loading. Please wait.

Presentation is loading. Please wait.

Questions on “Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic” Yao Zhao.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Questions on “Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic” Yao Zhao."— Presentation transcript:

1 Questions on “Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic” Yao Zhao

2 Hybrid Architecture IMS + HMS IMS Proxy back to HMS –Detectable by delay

3 Filtering with First Payload Only use hash of the payload –A little bit change in the first payload will escape –Polymorphic worms

4 Collaboration Works? The IDS collaboration paper tells that collaboration helps much This paper tries to say collaboration of darknet doesn’t make much sense.

5 Duration of Event Figure 8 Obtained from one honeypot host Heavy tail? Long durations –A single /17 darknet block need to handle from 40,000 to 200,000 simultaneous connections –But session <> infection session

6 Different Scale of Darknets

Download ppt "Questions on “Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic” Yao Zhao."

Similar presentations

Approaches to Multi-Homing for IPv6 An Architectural View of IPv6 MultiHoming proposals Geoff Huston 2004.

Approaches to Multi-Homing for IPv6 An Architectural View of IPv6 MultiHoming proposals Geoff Huston 2004.
Security Administration Tools and Practices Amit Bhan Usable Privacy and Security.

Security Administration Tools and Practices Amit Bhan Usable Privacy and Security.
SIMPLE Presence Traffic Optimization and Server Scalability Vishal Kumar Singh Henning Schulzrinne Markus Isomaki Piotr Boni IETF 67, San Diego.

SIMPLE Presence Traffic Optimization and Server Scalability Vishal Kumar Singh Henning Schulzrinne Markus Isomaki Piotr Boni IETF 67, San Diego.
Greg Williams CS691 Summer 2011. Honeycomb  Introduction  Preceding Work  Important Points  Analysis  Future Work.

Greg Williams CS691 Summer Honeycomb  Introduction  Preceding Work  Important Points  Analysis  Future Work.
IDPS (Intrusion Detection & Prevention System )

IDPS (Intrusion Detection & Prevention System )
Module 8: Concepts of a Network Load Balancing Cluster

Module 8: Concepts of a Network Load Balancing Cluster
- 1 - Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic Michael Bailey, Evan Cooke, David Watson and Farnam Jahanian University.

- 1 - Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic Michael Bailey, Evan Cooke, David Watson and Farnam Jahanian University.
EEC-484/584 Computer Networks Discussion Session for HTTP and DNS Wenbing Zhao

EEC-484/584 Computer Networks Discussion Session for HTTP and DNS Wenbing Zhao
IDS Colloquium 2001John Kristoff - DePaul University1 Intrusion Detection Systems (IDS) John Kristoff +1 312 362-5878 DePaul University.

IDS Colloquium 2001John Kristoff - DePaul University1 Intrusion Detection Systems (IDS) John Kristoff DePaul University.
Payload Attribution via Hierarchical Bloom Filters

Payload Attribution via Hierarchical Bloom Filters
Automated Worm Fingerprinting Sumeet Singh, Cristian Estan, George Varghese, and Stefan Savage Manan Sanghi.

Automated Worm Fingerprinting Sumeet Singh, Cristian Estan, George Varghese, and Stefan Savage Manan Sanghi.
Vulnerabilities of Passive Internet Threat Monitors Yoichi Shinoda Japan Advanced Institute of Science and Technology Ko Ikai National Police Agency, Japan.

Vulnerabilities of Passive Internet Threat Monitors Yoichi Shinoda Japan Advanced Institute of Science and Technology Ko Ikai National Police Agency, Japan.
On the Difficulty of Scalably Detecting Network Attacks Kirill Levchenko with Ramamohan Paturi and George Varghese.

On the Difficulty of Scalably Detecting Network Attacks Kirill Levchenko with Ramamohan Paturi and George Varghese.
Comparing Hybrid Peer-to-Peer Systems Beverly Yang and Hector Garcia-Molina Presented by Marco Barreno November 3, 2003 CS 294-4: Peer-to-peer systems.

Comparing Hybrid Peer-to-Peer Systems Beverly Yang and Hector Garcia-Molina Presented by Marco Barreno November 3, 2003 CS 294-4: Peer-to-peer systems.
White Flag performed by Dido

White Flag performed by Dido
EEC-484/584 Computer Networks Lecture 14 Wenbing Zhao

EEC-484/584 Computer Networks Lecture 14 Wenbing Zhao
DIDS part II The Return of dIDS 2/12 CIS 610. 2 GrIDS Graph based intrusion detection system for large networks. Analyzes network activity on networks.

DIDS part II The Return of dIDS 2/12 CIS GrIDS Graph based intrusion detection system for large networks. Analyzes network activity on networks.
DDoS Mitigation for ISP subscribers Rajaram Pejaver November 23, 2010 De-DDoS.

DDoS Mitigation for ISP subscribers Rajaram Pejaver November 23, 2010 De-DDoS.
Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.

Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.
China Science & Technology Network Computer Emergency Response Team Botnet Detection and Network Security Alert Tao JING CSTCERT,CNIC.

China Science & Technology Network Computer Emergency Response Team Botnet Detection and Network Security Alert Tao JING CSTCERT,CNIC.

Similar presentations

Ads by Google