• Search
• Free Magazines
• Newest Links
• Categories
• Register
• Login

Flow Based Observations from NETI@home and Honeynet Data

Added by Papergrl

Description: We conduct a flow based comparison of honeynet traffic, representing malicious traffic, and NETI@home traffic, representing typical end user traffic. We present a cumulative distribution function of the number of packets for a TCP flow and learn that a large portion of these flows in both datasets are failed and potentially malicious connection attempts. Next, we look at a histogram of TCP port activity over large time scales to gain insight into port scanning and worm activity.