Internet-Wide Scanners Classification using Gaussian Mixture and Hidden Markov Models

被引：0

作者：

De Santis, Giulia ^{[1
]}

Lahmadi, Abdelkader ^{[2
]}

Francois, Jerome ^{[1
]}

Festor, Olivier ^{[1
,2
]}

机构：

[1] INRIA Nancy Grand Est, Villers Les Nancy, France

[2] Univ Lorraine, LORIA, Vandoeuvre Les Nancy, France

来源：

2018 9TH IFIP INTERNATIONAL CONFERENCE ON NEW TECHNOLOGIES, MOBILITY AND SECURITY (NTMS) | 2018年

关键词：

Network scanning; ZMap; Shodan; Darknet; Gaussian distribution models; Hidden Markov Models; PORT SCANS;

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Internet-wide scanners are heavily used for malicious activities. This work models, from the scanned system point of view, spatial and temporal movements of Network Scanning Activities (NSAs), related to the difference of successive scanned IP addresses and timestamps, respectively. Based on real logs of incoming IP packets collected from a darknet, Hidden Markov Models (HMMs) are used to assess what scanning tool is operating. The proposed methodology, using only one of the aforementioned features of the scanning tool, is able to fingerprint what network scanner originated the perceived darknet traffic.

引用

页数：5

共 50 条

[1] Hidden Markov and Gaussian mixture models for automatic call classification
Brown, Judith C.
Smaragdis, Paris
[J]. JOURNAL OF THE ACOUSTICAL SOCIETY OF AMERICA, 2009, 125 (06): : EL221 - EL224
[2] Encrypted traffic classification based on Gaussian mixture models and Hidden Markov Models
Yao, Zhongjiang
Ge, Jingguo
Wu, Yulei
Lin, Xiaosheng
He, Runkang
Ma, Yuxiang
[J]. JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2020, 166
[3] Myocardial infarction classification with multi-lead ECG using hidden Markov models and Gaussian mixture models
Chang, Pei-Chann
Lin, Jyun-Jie
Hsieh, Jui-Chien
Weng, Julia
[J]. APPLIED SOFT COMPUTING, 2012, 12 (10) : 3165 - 3175
[4] Hidden Markov Models and Gaussian Mixture Models for bearing fault detection using fractals
Marwala, T.
Mahola, U.
Nelwamondo, F. V.
[J]. 2006 IEEE INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORK PROCEEDINGS, VOLS 1-10, 2006, : 3237 - +
[5] Molecular multiplex network inference using Gaussian mixture hidden Markov models
Velickovic, Petar
Lio, Pietro
[J]. JOURNAL OF COMPLEX NETWORKS, 2016, 4 (04) : 561 - 574
[6] Dynamic Grasp Recognition Using Time Clustering, Gaussian Mixture Models and Hidden Markov Models
Ju, Zhaojie
Liu, Honghai
Zhu, Xiangyang
Xiong, Youlun
[J]. INTELLIGENT ROBOTICS AND APPLICATIONS, PT I, PROCEEDINGS, 2008, 5314 : 669 - +
[7] Dynamic Grasp Recognition Using Time Clustering, Gaussian Mixture Models and Hidden Markov Models
Ju, Zhaojie
Liu, Honghai
Zhu, Xiangyang
Xiong, Youlun
[J]. ADVANCED ROBOTICS, 2009, 23 (10) : 1359 - 1371
[8] Gas Turbine Engine Condition Monitoring Using Gaussian Mixture and Hidden Markov Models
Jacobs, William R.
Edwards, Huw L.
Li, Ping
Kadirkamanathan, Visakan
Mills, Andrew R.
[J]. INTERNATIONAL JOURNAL OF PROGNOSTICS AND HEALTH MANAGEMENT, 2018, 9 (02)
[9] Hyperspectral Image Classification Using Gaussian Mixture Models and Markov Random Fields
Li, Wei
Prasad, Saurabh
Fowler, James E.
[J]. IEEE GEOSCIENCE AND REMOTE SENSING LETTERS, 2014, 11 (01) : 153 - 157
[10] A survey of feature selection methods for Gaussian mixture models and hidden Markov models
Adams, Stephen
Beling, Peter A.
[J]. ARTIFICIAL INTELLIGENCE REVIEW, 2019, 52 (03) : 1739 - 1779

← 1 2 3 4 5 →