Publication Details

Portscan detection using NetFlow data

GRÉGR, M. Portscan detection using NetFlow data. Proceedings of the 16th Conference Student EEICT 2010 Volume 5. Brno: Faculty of Information Technology BUT, 2010. p. 229-233. ISBN: 978-80-214-4080-7.

Czech title

Detekce skenování pomocí dat NetFlow

Type

conference paper

Language

English

Authors

Grégr Matěj, Ing., Ph.D. (DIFS)

URL

http://www.feec.vutbr.cz/EEICT/2010/sbornik/03-Doktorske_projekty/09-Pocitacove_systemy/02-xgregr01.pdf

Keywords

NetFlow, port scan detection, security, decision tree

Abstract

Portscan detection methods are usually focused on enterprise networks where the traffic volume is low. Portscan detection on high speed backbone networks has however different requirements. This paper introduces a method for detection of portscans on a university backbone network using NetFlow data, collected by hardware accelerated NetFlow probes.

Published

2010

Pages

229–233

Proceedings

Proceedings of the 16th Conference Student EEICT 2010 Volume 5

Conference

Student EEICT 2010, FEKT VUT v Brně, CZ

ISBN

978-80-214-4080-7

Publisher

Faculty of Information Technology BUT

Place

Brno

BibTeX

@inproceedings{BUT36308,
  author="Matěj {Grégr}",
  title="Portscan detection using NetFlow data",
  booktitle="Proceedings of the 16th Conference Student EEICT 2010 Volume 5",
  year="2010",
  pages="229--233",
  publisher="Faculty of Information Technology BUT",
  address="Brno",
  isbn="978-80-214-4080-7",
  url="http://www.feec.vutbr.cz/EEICT/2010/sbornik/03-Doktorske_projekty/09-Pocitacove_systemy/02-xgregr01.pdf"
}