Nabs: A system for detecting resource abuses via characterization of flow content type

Kulesh Shanmugasundaram, Mehdi Kharrazi, Nasir Memon

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and wide use of tunnels makes it difficult to detect such abuses and easy to circumvent security policies. This paper presents the design and implementation of a system, called Nabs, that characterizes content types of network flows based solely on the payload which can then be used to identify abuses of computing resources. The proposed method does not depend on packet headers or other simple packet characteristics hence is more robust to circumvention.

Original languageEnglish (US)
Title of host publicationProceedings - 20th Annual Computer Security Applications Conference, ACSAC 2004
Pages316-325
Number of pages10
DOIs
StatePublished - 2004
Event20th Annual Computer Security Applications Conference, ACSAC 2004 - Tucson, AZ, United States
Duration: Dec 6 2004Dec 10 2004

Publication series

NameProceedings - Annual Computer Security Applications Conference, ACSAC
ISSN (Print)1063-9527

Other

Other20th Annual Computer Security Applications Conference, ACSAC 2004
Country/TerritoryUnited States
CityTucson, AZ
Period12/6/0412/10/04

ASJC Scopus subject areas

  • Software
  • General Engineering

Fingerprint

Dive into the research topics of 'Nabs: A system for detecting resource abuses via characterization of flow content type'. Together they form a unique fingerprint.

Cite this