See this document in CiteSeerX!

On the Design and Use of Internet Sinks for Network Abuse Monitoring (2004)  (Make Corrections)  (8 citations)
Vinod Yegneswaran, Paul Barford, Dave Plonka



  Home/Search   Context   Related

 
View or download:
wisc.edu/~vinod/raidpaper.pdf
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  wisc.edu/anomaly (more)
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: Monitoring unused or dark IP addresses offers opportunities to significantly improve and expand knowledge of abuse activity without many of the problems associated with typical network intrusion detection and firewall systems. (Update)

Cited by:   More
Tracking the Role of Adversaries in Measuring Unwanted .. - Allman, Barford.. (2006)   (Correct)
The HoneyTank : a scalable approach - To Collect Malicious   (Correct)
Virtual Playgrounds For Worm Behavior Investigation - Xuxian Jiang Dongyan   (Correct)

Active bibliography (related documents):   More   All
0.7:   Characteristics of Internet Background Radiation - Pang, Yegneswaran, Barford.. (2004)   (Correct)
0.6:   A Signal Analysis of Network Traffic Anomalies - Barford, Kline, Plonka, Ron (2002)   (Correct)
0.5:   Detecting Intra-enterprise Scanning Worms based on Address.. - David Whyte Paul   (Correct)

Similar documents based on text:
0.2:   Characteristics of Network Delays in Wide Area File.. - Barford, Donoho.. (2002)   (Correct)
0.2:   Fusion and Filtering in Distributed Intrusion Detection.. - Barford, Jha, Yegneswara (2004)   (Correct)
0.2:   A Framework for Malicious Workload Generation - Sommers, Yegneswaran, Barford (2004)   (Correct)

Related documents from co-citation:   More   All
5:   Inferring Internet Denial-of-Service Activity - Moore, Voelker et al. - 2001
4:   Internet intrusions: Global characteristics and prevalence - Yegneswaran, Barford et al. - 2003
4:   A Virtual Honeypot Framework - Provos - 2004

BibTeX entry:   (Update)

V. Yegneswaran, P. Barford, and D. Plonka. On the design and use of internet sinks for network abuse monitoring. In Proceedings of Recent Advances in Intrusion Detection, 2004. http://citeseer.ist.psu.edu/yegneswaran04design.html   More

@misc{ yegneswaran04design,
  author = "V. Yegneswaran and P. Barford and D. Plonka",
  title = "the design and use of internet sinks for network abuse monitoring",
  text = "V. Yegneswaran, P. Barford, and D. Plonka. On the design and use of internet
    sinks for network abuse monitoring. In Proceedings of Recent Advances in
    Intrusion Detection, 2004.",
  year = "2004",
  url = "citeseer.ist.psu.edu/yegneswaran04design.html" }
Citations (may not include all citations):
123   BRO: A System for Detecting Network Intruders in Real Time - Paxson - 1998
113   Inferring Internet Denial of Service Activity - Moore, Voelker et al. - 2001
111   ACM Transactions on Computer Systems (context) - Kohler, Morris et al. - 2000
83   New Directions in Traffic Measurement and Accounting - Estan, Varghese - 2002
74   Code Red: A Case Study on the Spread and Victims of an Inter.. - Moore, Shannon et al. - 2002
74   Internet Quarantine: Requirements for Containing Self-Propag.. - Moore, Shannon et al. - 2003
72   NetScope: Traffic Engineering for IP Networks - Feldmann, Greenberg et al. - 2000
70   A Data Mining Framework for Building Intrusion Detection Mod.. - Lee, Stolfo et al. - 1999
56   How to Own the Internet in Your Spare Time (context) - Staniford, Paxson et al. - 2002
36   Practical Automated Detection of Stealthy Portscans (context) - Staniford, Hoagland et al. - 2000
28   Adaptive Real-Time Anomaly Detection Using Inductively Gener.. (context) - Teng, Chen et al. - 1999
28   Spread SapphireSlammer Worm (context) - Savage, Staniford et al. - 2003
23   Internet Intrusions: Global Characteristics and Prevalence - Yegneswaran, Barford et al. - 2003
16   Monitoring very high speed links - Iannaccone, Diot et al. - 2001
12   Flowscan: A network traffic flow reporting and visualization.. (context) - Plonka - 2000
11   Global Intrusion Detection in the DOMINO Overlay System - Yegneswaran, Barford et al. - 2004
9   Gigascope: High Performance Network Monitoring with an SQL I.. (context) - Cranor, Gao et al.
8   the Design and Use of Internet Sinks for Network Abuse Monit.. - Yegneswaran, Barford et al. - 2004
5   The Use of Information Retrieval Techniques for Intrusion De.. - Anderson, Khattak - 1998
2   Network Telescopes (context) - Moore - 2003
2   BGPv4 Security Risk Assessment (context) - Greene - 2002
2   Remote Triggering Black Hole Filtering (context) - Greene - 2002
2   The multi router traffic grapher (context) - Oetiker - 1998
1   RFC 1817: CIDR and Classful Routing (context) - Rekhter - 1995
1   LovGate Virus Summary (context) - Associates - 2002
http://www.citi.umich.edu/u/provos/honeyd
http://www.qosient.com/argus/
http://www.hackbusters.net/LaBrea/
http://www.snort.org
http://uk.trendmicro-europe.com/enterprise/security
http://www.cs.wisc.edu/
http://project.honeynet.org



The graph only includes citing articles where the year of publication is known.

Documents on the same site (http://wail.cs.wisc.edu/anomaly.html):   More
Characteristics of Internet Background Radiation - Pang, Yegneswaran, Barford.. (2004)   (Correct)
A Framework for Malicious Workload Generation - Sommers, Yegneswaran, Barford (2004)   (Correct)
Fusion and Filtering in Distributed Intrusion Detection.. - Barford, Jha, Yegneswara (2004)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC