Network abuse detection via flow content characterization

Mehdi Kharrazi, Kulesh Shanmugasundaram, Nasir Memon

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and the availability of proxies for tunneling makes it difficult to detect such abuse and easy to circumvent security policies. This paper presents a novel method to detect abuse of resources on a network based solely on the payload content type. The proposed method does not depend on packet headers and other simple packet characteristics and hence is able to better detect incidents of abuse.

    Original languageEnglish (US)
    Title of host publicationProceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC
    Pages285-290
    Number of pages6
    StatePublished - 2004
    EventProceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC - West Point, NY, United States
    Duration: Jun 10 2004Jun 11 2004

    Other

    OtherProceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC
    CountryUnited States
    CityWest Point, NY
    Period6/10/046/11/04

    Fingerprint

    Peer to peer networks
    Availability
    Personnel

    ASJC Scopus subject areas

    • Engineering(all)

    Cite this

    Kharrazi, M., Shanmugasundaram, K., & Memon, N. (2004). Network abuse detection via flow content characterization. In Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC (pp. 285-290)

    Network abuse detection via flow content characterization. / Kharrazi, Mehdi; Shanmugasundaram, Kulesh; Memon, Nasir.

    Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC. 2004. p. 285-290.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Kharrazi, M, Shanmugasundaram, K & Memon, N 2004, Network abuse detection via flow content characterization. in Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC. pp. 285-290, Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC, West Point, NY, United States, 6/10/04.
    Kharrazi M, Shanmugasundaram K, Memon N. Network abuse detection via flow content characterization. In Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC. 2004. p. 285-290
    Kharrazi, Mehdi ; Shanmugasundaram, Kulesh ; Memon, Nasir. / Network abuse detection via flow content characterization. Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC. 2004. pp. 285-290
    @inproceedings{e0e5a44828c14ba997ba48dd90f243a8,
    title = "Network abuse detection via flow content characterization",
    abstract = "One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and the availability of proxies for tunneling makes it difficult to detect such abuse and easy to circumvent security policies. This paper presents a novel method to detect abuse of resources on a network based solely on the payload content type. The proposed method does not depend on packet headers and other simple packet characteristics and hence is able to better detect incidents of abuse.",
    author = "Mehdi Kharrazi and Kulesh Shanmugasundaram and Nasir Memon",
    year = "2004",
    language = "English (US)",
    isbn = "0780385721",
    pages = "285--290",
    booktitle = "Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC",

    }

    TY - GEN

    T1 - Network abuse detection via flow content characterization

    AU - Kharrazi, Mehdi

    AU - Shanmugasundaram, Kulesh

    AU - Memon, Nasir

    PY - 2004

    Y1 - 2004

    N2 - One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and the availability of proxies for tunneling makes it difficult to detect such abuse and easy to circumvent security policies. This paper presents a novel method to detect abuse of resources on a network based solely on the payload content type. The proposed method does not depend on packet headers and other simple packet characteristics and hence is able to better detect incidents of abuse.

    AB - One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and the availability of proxies for tunneling makes it difficult to detect such abuse and easy to circumvent security policies. This paper presents a novel method to detect abuse of resources on a network based solely on the payload content type. The proposed method does not depend on packet headers and other simple packet characteristics and hence is able to better detect incidents of abuse.

    UR - http://www.scopus.com/inward/record.url?scp=15944393477&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=15944393477&partnerID=8YFLogxK

    M3 - Conference contribution

    SN - 0780385721

    SP - 285

    EP - 290

    BT - Proceedings fron the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC

    ER -