Powered by OpenAIRE graph
Found an issue? Give us feedback
downloadFull-Text
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ Queensland Universit...arrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
Queensland University of Technology: QUT ePrints
Part of book or chapter of book . 2008
Full-Text: https://eprints.qut.edu.au/20574/1/20574.pdf
Data sources: Bielefeld Academic Search Engine (BASE)
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
https://eprints.qut.edu.au/205...
Article
Data sources: UnpayWall
https://doi.org/10.1109/npc.20...
Article . 2008 . Peer-reviewed
Data sources: Crossref
DBLP
Conference object . 2023
Data sources: DBLP
https://dx.doi.org/10.1109/npc...
Article
Data sources: Microsoft Academic Graph
 View all 2 versions
Claim

Characterization of Attackers' Activities in Honeypot Traffic Using Principal Component Analysis

descriptionPublicationkeyboard_double_arrow_right Article , Conference object , Part of book or chapter of book 01 Oct 2008 Australia Publisher:IEEEJournal:2008 IFIP International Conference on Network and Parallel Computing
Authors: Almotairi, Saleh; Clark, Andrew; Mohay, George; Zimmermann, Jacob;

doi: 10.1109/npc.2008.82

Characterization of Attackers' Activities in Honeypot Traffic Using Principal Component Analysis

Abstract

Monitoring Internet traffic is critical in order to acquire a good understanding of threats and in designing efficient security systems. While honeypots are flexible security tools for gathering intelligence of Internet attacks, traffic collected by honeypots is of high dimensionality that makes it difficult to characterize. In this paper, we propose the use of principal component analysis, a multivariate analysis technique, for characterizing honeypot traffic and separating latent groups of activities. In addition, we show the usefulness of principal component plots in visualizing the interrelationships between the detected groups of activities and in finding outliers. This work is demonstrated through the use of low interaction honeypot traffic data from the Leurre.com project, a world wide deployment of low interaction honeypots.

Country
Australia
Related Organizations
Keywords

principal component analysis, traffic analysis, internet traffic characterisation, 303

  • BIP!
    Impact byBIP!
    selected citations
    These citations are derived from selected sources.
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 15
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Top 10%
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
Powered by OpenAIRE graph
Found an issue? Give us feedback
selected citations
These citations are derived from selected sources.
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
15
Average
Top 10%
Average
Green
Related to Research communities
Energy Planning
Knowmad Institut