Improving scanner data collection in P4-based SDN

Yun Zhan Cai, Chih Hao Lai, Yu Ting Wang, Meng Hsun Tsai

研究成果: Conference contribution同行評審

8 引文 斯高帕斯(Scopus)

摘要

Port scanning is a well-known behavior when a botnet searches target devices. To detect port scanning accurately, data with high discriminatory power are indispensable. Most related works, however, focus on data analysis methods but neglect storage limitations of switches, which makes their methods impractical. Therefore, we propose a new data collection method for collecting network information of port scanning in P4-based SDN named 0-replacement. Through simulations, we compare the 0-replacement method with two classic data collection methods. Results show that the 0-replacement method improves the true positive ratio by at least 25 percentage points but only consumes 0.36% memory space.

原文English
主出版物標題APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium
主出版物子標題Towards Service and Networking Intelligence for Humanity
發行者Institute of Electrical and Electronics Engineers Inc.
頁面126-131
頁數6
ISBN(電子)9788995004388
DOIs
出版狀態Published - 9月 2020
事件21st Asia-Pacific Network Operations and Management Symposium, APNOMS 2020 - Daegu, Korea, Republic of
持續時間: 22 9月 202025 9月 2020

出版系列

名字APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity

Conference

Conference21st Asia-Pacific Network Operations and Management Symposium, APNOMS 2020
國家/地區Korea, Republic of
城市Daegu
期間22/09/2025/09/20

指紋

深入研究「Improving scanner data collection in P4-based SDN」主題。共同形成了獨特的指紋。

引用此