@inproceedings{f8fa5605f2b646e381d82f32210d9643,
title = "Improving scanner data collection in P4-based SDN",
abstract = "Port scanning is a well-known behavior when a botnet searches target devices. To detect port scanning accurately, data with high discriminatory power are indispensable. Most related works, however, focus on data analysis methods but neglect storage limitations of switches, which makes their methods impractical. Therefore, we propose a new data collection method for collecting network information of port scanning in P4-based SDN named 0-replacement. Through simulations, we compare the 0-replacement method with two classic data collection methods. Results show that the 0-replacement method improves the true positive ratio by at least 25 percentage points but only consumes 0.36% memory space.",
keywords = "Data collection, P4, Port scanning, SDN",
author = "Cai, {Yun Zhan} and Lai, {Chih Hao} and Wang, {Yu Ting} and Tsai, {Meng Hsun}",
note = "Publisher Copyright: {\textcopyright} 2020 KICS.; 21st Asia-Pacific Network Operations and Management Symposium, APNOMS 2020 ; Conference date: 22-09-2020 Through 25-09-2020",
year = "2020",
month = sep,
doi = "10.23919/APNOMS50412.2020.9237047",
language = "English",
series = "APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "126--131",
booktitle = "APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium",
address = "美國",
}