download0 view1,150
twitter facebook

공공누리This item is licensed Korea Open Government License

dc.contributor.author
최상수
dc.contributor.author
송중석
dc.date.accessioned
2019-08-28T07:41:39Z
dc.date.available
2019-08-28T07:41:39Z
dc.date.issued
2014-10-01
dc.identifier.issn
1939-0114
dc.identifier.uri
https://repository.kisti.re.kr/handle/10580/14368
dc.identifier.uri
http://www.ndsl.kr/ndsl/search/detail/article/articleSearchResultDetail.do?cn=NART73205234
dc.description.abstract
In general, attackers carry out scanning or probing against a certain network when they start to attack their victims. Because of this, darknet is very useful to observe the scanning activities of attackers who want to find their victims that have security vulnerabilities in operating systems, applications, services, and so on. Thus, by observing and analyzing darknet traffic, it is able to obtain an insight into malicious activities that are happening on the Internet and to identify potential attackers who sent attack packets to the darknet. However, darknet has a fatal limitation that most of the darknet traffic has no payload data. This means that we cannot collect the real attack codes from the original darknet traffic. To cope with this problem, we propose a security monitoring and response model to analyze cyber threats trend and to trace potential attackers based on darknet traffic. We have evaluated the proposed model using one /24 darknet IP addresses and TMS alerts that were obtained from TMS. The experimental results provided the statistical information of all the incoming darknet traffic so that we could obtain the global cyber threats trend. Furthermore, the experimental results demonstrated that we could obtain malicious attack patterns and attack codes that were not detected by TMS.
dc.language
eng
dc.relation.ispartofseries
Security and communication networks
dc.title
A model of analyzing cyber threats trend and tracing potential attackers based on darknet traffic
dc.subject.keyword
darknet
dc.subject.keyword
cyber threats trend
dc.subject.keyword
tracing potential attackers
Appears in Collections:
7. KISTI 연구성과 > 학술지 발표논문
Files in This Item:
There are no files associated with this item.

Browse