Paper Info
Title
Exploratory Data Analysis of a Network Telescope Traffic and Prediction of Port Probing Rates
Abstract
Understanding the properties exhibited by large scale network probing traffic would improve cyber threat intelligence. In addition, the prediction of probing rates is a key feature for security practitioners in their endeavors for making better operational decisions and for enhancing their defense strategy skills. In this work, we study different aspects of the traffic captured by a /20 network telescope. First, we perform an exploratory data analysis of the collected probing activities. The investigation includes probing rates at the port level, services interesting top network probers and the distribution of probing rates by geolocation. Second, we extract the network probers exploration patterns. We model these behaviors using transition graphs decorated with probabilities of switching from a port to another. Finally, we assess the capacity of Non-stationary Autoregressive and Vector Autoregressive models in predicting port probing rates as a first step towards using more robust models for better forecasting performance.
Year
DOI
Venue
2018
10.1109/ISI.2018.8587323
2018 IEEE International Conference on Intelligence and Security Informatics (ISI)
Keywords
DocType
ISBN
Cyber Intelligence,Cyber Security,Network Telescope,Darknet,Probing Patterns,Transition Graphs,Prediction of Probing Rates,Non-stationary Autoregressive Model,Non-stationary Vector Autoregressive Model,Machine Learning
Journal
978-1-5386-7849-7
Citations 
PageRank 
References 
0
0.34
7
Authors
7
Name
Order
Citations
PageRank
Mehdi Zakroum100.34
Abdellah Houmz200.68
Mounir Ghogho31072113.80
Ghita Mezzour422518.69
Abdelkader Lahmadi59018.46
Jérôme François617021.81
Mohammed El Koutbi77514.89