




Detection of slow port scans in flow-based network traffic

Ring, M.; Landes, Dieter; Hotho, A. (2018)

PLOS ONE 2018 13 (9).
DOI: 10.1371/journal.pone.0204507


Open Access Peer Reviewed
 

Frequently, port scans are early indicators of more serious attacks. Unfortunately, the detection of slow port scans in company networks is challenging due to the massive amount of network data. This paper proposes an innovative approach for preprocessing flow-based data which is specifically tailored to the detection of slow port scans. The preprocessing chain generates new objects based on flow-based data aggregated over time windows while taking domain knowledge as well as additional knowledge about the network structure into account. The computed objects are used as input for the further analysis. Based on these objects, we propose two different approaches for detection of slow port scans. One approach is unsupervised and uses sequential hypothesis testing whereas the other approach is supervised and uses classification algorithms. We compare both approaches with existing port scan detection algorithms on the flow-based CIDDS-001 data set. Experiments indicate that the proposed approaches achieve better detection rates and exhibit fewer false alarms than similar algorithms.


Active Learning of Software Quality and Project Management

Sedelmaier, Yvonne; Landes, Dieter (2018)

Proceedings 9th IEEE Global Engineering Education Conference EDUCON 2018, 1077–1085.


Peer Reviewed

Innovatives Requirements Engineering – ohne den Menschen?

Sedelmaier, Yvonne; Landes, Dieter (2018)

Softwaretechnik-Trends 38 (1), 35–36.


Peer Reviewed

Systematic evolution of a learning setting for requirements engineering education based on competence-oriented didactics

Sedelmaier, Yvonne; Landes, Dieter (2018)

Proceedings 9th IEEE Global Engineering Education Conference EDUCON 2018, 1068–1076.
DOI: 10.1109/EDUCON.2018.8363348


Peer Reviewed

Better Understanding Fundamental Computer Science Concepts through Peer Review

Sedelmaier, Yvonne; Landes, Dieter; Kuhn, Maria (2018)

47th International Conference on Engineering Pedagogy / 21st International Conference on Interactive Collaborative Learning (ICL) 2018, 928–939.


Peer Reviewed

Technical Report CIDDS-001 data set

Ring, Markus; Wunderlich, Sarah; Grüdl, Dominik; Landes, Dieter; Hotho, A. (2017)

Technical Report.


Open Access

IP2Vec: Learning Similarities Between IP Addresses

Ring, M.; Dallmann, A.; Landes, Dieter; Hotho, A. (2017)

17th IEEE International Conference on Data Mining Workshops / Los Alamitos, California 2017, 657–666.
DOI: 10.1109/ICDMW.2017.93


Peer Reviewed

A Toolset for Intrusion and Insider Threat Detection

Ring, M.; Wunderlich, Sarah; Grüdl, Dominik; Landes, Dieter; Hotho, A. (2017)

Data analytics and decision support for cybersecurity / Cham 2017 3, 3–31.
DOI: 10.1007/978-3-319-59439-2_1


Peer Reviewed

Flow-based benchmark data sets for intrusion detection

Ring, M.; Wunderlich, Sarah; Grüdl, Dominik; Landes, Dieter; Hotho, A. (2017)

Proceedings of the 16th European Conference on Cyber Warfare and Security (ECCWS) 2017, 361–369.


Peer Reviewed

Experiences in Teaching and Learning Requirements Engineering on a Sound Didactical Basis

Landes, Dieter; Sedelmaier, Yvonne (2017)

Proceedings of the 22nd Conference on Innovation and Technology in Computer Science Education (ITiCSE 2017) 2017, 116–121.


Peer Reviewed

How Can We Find out What Makes a Good Requirements Engineer in the Age of Digitization?

Sedelmaier, Yvonne; Landes, Dieter (2017)

Int. Journal of Engineering Pedagogy iJEP 7 (3), 147–164.
DOI: 10.3991/ijep.v7i3.7424


Open Access Peer Reviewed

Fakultät Elektrotechnik und Informatik (FEI)

Hochschule Coburg

Friedrich-Streib-Str. 2
96450 Coburg


Support of publications
Jakob Hanke
Research Officer
T +49 9561 317 360
jakob.hanke[at]hs-coburg.de