Result Details

Portscan detection using NetFlow data

GRÉGR, M. Portscan detection using NetFlow data. Proceedings of the 16th Conference Student EEICT 2010 Volume 5. Brno: Faculty of Information Technology BUT, 2010. p. 229-233. ISBN: 978-80-214-4080-7.

Type

conference paper

Language

English

Authors

Grégr Matěj, Ing., Ph.D., CIS ‒ KolejNet (CIS), DIFS (FIT)

Abstract

Portscan detection methods are usually focused on enterprise networks where the traffic volume is low. Portscan detection on high speed backbone networks has however different requirements. This paper introduces a method for detection of portscans on a university backbone
network using NetFlow data, collected by hardware accelerated NetFlow probes.

Keywords

NetFlow, port scan detection, security, decision tree

URL

http://www.feec.vutbr.cz/EEICT/2010/sbornik/03-Doktorske_projekty/09-Pocitacove…

Published

2010

Pages

229–233

Proceedings

Proceedings of the 16th Conference Student EEICT 2010 Volume 5

Conference

Student EEICT 2010

ISBN

978-80-214-4080-7

Publisher

Faculty of Information Technology BUT

Place

Brno

BibTeX

@inproceedings{BUT36308,
  author="Matěj {Grégr}",
  title="Portscan detection using NetFlow data",
  booktitle="Proceedings of the 16th Conference Student EEICT 2010 Volume 5",
  year="2010",
  pages="229--233",
  publisher="Faculty of Information Technology BUT",
  address="Brno",
  isbn="978-80-214-4080-7",
  url="http://www.feec.vutbr.cz/EEICT/2010/sbornik/03-Doktorske_projekty/09-Pocitacove_systemy/02-xgregr01.pdf"
}

Projects

Secured, reliable and adaptive computer systems, BUT, Vnitřní projekty VUT, FIT-S-10-1, start: 2010-03-01, end: 2010-12-31, completed

Research groups

NES@FIT - Networks and distributed systems research group (RG NES@FIT)

Departments

Department of Information Systems (DIFS)