Komisarczuk, Peter and Welch, I. (2010) Internet sensor grid: experiences with passive and active instruments. In: WCITD/NF 2010, 20-23 September 2010, Brisbane, Australia.Full text not available from this repository.
The Internet is constantly evolving with new emergent behaviours arising; some of them malicious. This paper discusses opportunities and research direction in an Internet sensor grid for malicious behaviour detection, analysis and countermeasures. We use two example sensors as a basis; firstly the honeyclient for malicious server and content identification (i.e. drive-by-downloads, the most prevalent attack vector for client systems) and secondly the network telescope for Internet Background Radiation detection (IBR - which is classified as unsolicited, non-productive traffic that traverses the Internet, often malicious in nature or origin). Large amounts of security data can be collected from such sensors for analysis and federating honeyclient and telescope data provides a worldwide picture of attacks that could enable the provision of countermeasures. In this paper we outline some experiences with these sensors and analyzing network telescope data through Grid computing as part of an “intelligence layer” within the Internet.
|Item Type:||Conference or Workshop Item (Paper)|
|Subjects:||Computer science, knowledge and information systems|
|Depositing User:||Vani Aul|
|Date Deposited:||21 Mar 2014 15:09|
|Last Modified:||11 Dec 2015 14:32|
Actions (login required)