Network abuse detection via flow content characterization

Mehdi Kharrazi; Kulesh Shanmugasundaram; Nasir Memon

Network abuse detection via flow content characterization

Mehdi Kharrazi, Kulesh Shanmugasundaram, Nasir Memon

Center for Cyber Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and the availability of proxies for tunneling makes it difficult to detect such abuse and easy to circumvent security policies. This paper presents a novel method to detect abuse of resources on a network based solely on the payload content type. The proposed method does not depend on packet headers and other simple packet characteristics and hence is able to better detect incidents of abuse.

Original language	English (US)
Title of host publication	Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC
Pages	285-290
Number of pages	6
State	Published - 2004
Event	Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC - West Point, NY, United States Duration: Jun 10 2004 → Jun 11 2004

Publication series

Name	Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC

Other

Other	Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC
Country/Territory	United States
City	West Point, NY
Period	6/10/04 → 6/11/04

ASJC Scopus subject areas

Engineering(all)

Cite this

Network abuse detection via flow content characterization. / Kharrazi, Mehdi; Shanmugasundaram, Kulesh; Memon, Nasir.
Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC. 2004. p. 285-290 (Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kharrazi, M, Shanmugasundaram, K & Memon, N 2004, Network abuse detection via flow content characterization. in Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC. Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC, pp. 285-290, Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC, West Point, NY, United States, 6/10/04.

@inproceedings{e0e5a44828c14ba997ba48dd90f243a8,

title = "Network abuse detection via flow content characterization",

abstract = "One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and the availability of proxies for tunneling makes it difficult to detect such abuse and easy to circumvent security policies. This paper presents a novel method to detect abuse of resources on a network based solely on the payload content type. The proposed method does not depend on packet headers and other simple packet characteristics and hence is able to better detect incidents of abuse.",

author = "Mehdi Kharrazi and Kulesh Shanmugasundaram and Nasir Memon",

year = "2004",

language = "English (US)",

isbn = "0780385721",

series = "Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC",

pages = "285--290",

booktitle = "Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC",

note = "Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC ; Conference date: 10-06-2004 Through 11-06-2004",

}

TY - GEN

T1 - Network abuse detection via flow content characterization

AU - Kharrazi, Mehdi

AU - Shanmugasundaram, Kulesh

AU - Memon, Nasir

PY - 2004

Y1 - 2004

N2 - One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and the availability of proxies for tunneling makes it difficult to detect such abuse and easy to circumvent security policies. This paper presents a novel method to detect abuse of resources on a network based solely on the payload content type. The proposed method does not depend on packet headers and other simple packet characteristics and hence is able to better detect incidents of abuse.

AB - One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and the availability of proxies for tunneling makes it difficult to detect such abuse and easy to circumvent security policies. This paper presents a novel method to detect abuse of resources on a network based solely on the payload content type. The proposed method does not depend on packet headers and other simple packet characteristics and hence is able to better detect incidents of abuse.

UR - http://www.scopus.com/inward/record.url?scp=15944393477&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=15944393477&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:15944393477

SN - 0780385721

T3 - Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC

SP - 285

EP - 290

BT - Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC

T2 - Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC

Y2 - 10 June 2004 through 11 June 2004

ER -

Network abuse detection via flow content characterization

Abstract

Publication series

Other

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this