Paper Abstract and Keywords |
Presentation |
2015-11-26 15:00
tkiwa: A Detection Tool for Packets with Characteristic Network Protocol Header Takashi Koide (Yokohama National Univ.), Daisuke Makita (Yokohama National Univ./NICT), Takahiro Kasama, Mio Suzuki, Daisuke Inoue, Koji Nakao (NICT), Katsunari Yoshioka, Tsutomu Matsumoto (Yokohama National Univ.) ICSS2015-38 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
The packets from malware and network tools that have their own implementation of network stack may have character-istic packet headers. In this paper, we develop tkiwa, a signature-based detection tool for such packets and incorporate it into the correlation analysis system of the NICTER for detecting network scans by particular scan tools and malware from darknet traffic in real time. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Darknet / Packet detection / Network scanner / / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 115, no. 334, ICSS2015-38, pp. 19-24, Nov. 2015. |
Paper # |
ICSS2015-38 |
Date of Issue |
2015-11-19 (ICSS) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ICSS2015-38 |