Publication Details

Portscan detection using NetFlow data

GRÉGR Matěj. Portscan detection using NetFlow data. In: Proceedings of the 16th Conference Student EEICT 2010 Volume 5. Brno: Faculty of Information Technology BUT, 2010, pp. 229-233. ISBN 978-80-214-4080-7.

Czech title

Detekce skenování pomocí dat NetFlow

Type

conference paper

Language

english

Authors

Grégr Matěj, Ing., Ph.D. (DIFS FIT BUT)

URL

http://www.feec.vutbr.cz/EEICT/2010/sbornik/03-Doktorske_projekty/09-Pocitacove_systemy/02-xgregr01.pdf PDF

Keywords

NetFlow, port scan detection, security, decision tree

Abstract

Portscan detection methods are usually focused on enterprise networks where the traffic volume is low. Portscan detection on high speed backbone networks has however different requirements. This paper introduces a method for detection of portscans on a university backbone
network using NetFlow data, collected by hardware accelerated NetFlow probes.

Published

2010

Pages

229-233

Proceedings

Proceedings of the 16th Conference Student EEICT 2010 Volume 5

Conference

Student EEICT 2010, Brno, CZ

ISBN

978-80-214-4080-7

Publisher

Faculty of Information Technology BUT

Place

Brno, CZ

BibTeX

@INPROCEEDINGS{FITPUB9339,
   author = "Mat\v{e}j Gr\'{e}gr",
   title = "Portscan detection using NetFlow data",
   pages = "229--233",
   booktitle = "Proceedings of the 16th Conference Student EEICT 2010 Volume 5",
   year = 2010,
   location = "Brno, CZ",
   publisher = "Faculty of Information Technology BUT",
   ISBN = "978-80-214-4080-7",
   language = "english",
   url = "https://www.fit.vut.cz/research/publication/9339"
}