Network abuse detection via flow content characterization

Mehdi Kharrazi, Kulesh Shanmugasundaram, Nasir Memon

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and the availability of proxies for tunneling makes it difficult to detect such abuse and easy to circumvent security policies. This paper presents a novel method to detect abuse of resources on a network based solely on the payload content type. The proposed method does not depend on packet headers and other simple packet characteristics and hence is able to better detect incidents of abuse.

Original languageEnglish (US)
Title of host publicationProceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC
Pages285-290
Number of pages6
StatePublished - Dec 1 2004
EventProceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC - West Point, NY, United States
Duration: Jun 10 2004Jun 11 2004

Publication series

NameProceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC

Other

OtherProceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC
CountryUnited States
CityWest Point, NY
Period6/10/046/11/04

    Fingerprint

ASJC Scopus subject areas

  • Engineering(all)

Cite this

Kharrazi, M., Shanmugasundaram, K., & Memon, N. (2004). Network abuse detection via flow content characterization. In Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC (pp. 285-290). (Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC).