Classification of TCP 445 Attacks and Global Snapshot with Honeypot Analysis
Authors: Yinghui Luo, Zhiqing Zhang, H. Esaki, H. Ochiai
Published in: 2019 International Conference on Advanced Information Technologies (ICAIT), 2019-11-01
DOI: 10.1109/AITC.2019.8921162 (https://doi.org/10.1109/AITC.2019.8921162)
This paper analyzes malicious activity collected on port 445 over 20 days by a honeypot, which exposed our computer to malicious hosts and lured them into intruding on it. We filtered the intrusion packets by the Samba protocol, identified the characteristics that classify them into 3 types, and processed them to extract their source IP addresses. The goal is to obtain the source country for each type of malicious activity on port 445 so that we can analyze the source-country distribution.