TY - GEN
T1 - The use of packet inter-arrival times for investigating unsolicited internet traffic
AU - Zimmermann, Jacob
AU - Clark, Andrew
AU - Mohay, George
AU - Pouget, Fabien
AU - Dacier, Marc
N1 - Generated from Scopus record by KAUST IRTS on 2022-09-12
PY - 2005/12/1
Y1 - 2005/12/1
N2 - Monitoring the Internet reveals incessant activity, that has been referred to as background radiation. In this paper, we propose an original approach that makes use of packet Inter-Arrival Times, or IATs, to analyse and identify such abnormal or unexpected network activity. Our study exploits a large set of data collected on a distributed network of honeypots during more than six months. Our main contribution in this paper is to demonstrate the usefulness of IAT analysis for network forensic purposes, and we illustrate this with examples in which we analyse particular IAT peak values. In addition, we pinpoint some network anomalies that we have been able to determine through such analysis. © 2005 IEEE.
AB - Monitoring the Internet reveals incessant activity, that has been referred to as background radiation. In this paper, we propose an original approach that makes use of packet Inter-Arrival Times, or IATs, to analyse and identify such abnormal or unexpected network activity. Our study exploits a large set of data collected on a distributed network of honeypots during more than six months. Our main contribution in this paper is to demonstrate the usefulness of IAT analysis for network forensic purposes, and we illustrate this with examples in which we analyse particular IAT peak values. In addition, we pinpoint some network anomalies that we have been able to determine through such analysis. © 2005 IEEE.
UR - http://ieeexplore.ieee.org/document/1592524/
UR - http://www.scopus.com/inward/record.url?scp=33847225917&partnerID=8YFLogxK
U2 - 10.1109/SADFE.2005.26
DO - 10.1109/SADFE.2005.26
M3 - Conference contribution
SN - 0769524788
SP - 89
EP - 104
BT - Proceedings - First International Workshop on Systematic Approaches to Digital Forensic Engineering
ER -