Network surveillance for detecting intrusions

Makoto Iguchi, Shigeki Goto

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    4 Citations (Scopus)


    The paper proposes a network surveillance method for detecting malicious activities. Based on the hypothesis that unusual conducts like system exploitation will trigger an abnormal network traffic, we try to detect this anomalous traffic pattern as a sign of malicious, or at least suspicious activities. Capturing and analyzing of a network traffic pattern is implemented with an idea of port profiling, where measures representing various characteristics of connections are monitored and recorded for each port. Though the generation of the port profiles requires a small amount of calculation, they exhibit high stability and robustness. By comparing the pattern exhibited by live traffic with the expected behavior recorded in the profile, intrusive activities like compromising backdoors or invoking trojan programs are successfully detected.

    Original languageEnglish
    Title of host publication1999 Internet Workshop, IWS 1999
    PublisherInstitute of Electrical and Electronics Engineers Inc.
    Number of pages8
    ISBN (Electronic)0780359259, 9780780359253
    Publication statusPublished - 1999 Jan 1
    Event1999 Internet Workshop, IWS 1999 - Suita, Osaka, Japan
    Duration: 1999 Feb 181999 Feb 20


    Other1999 Internet Workshop, IWS 1999
    CitySuita, Osaka

    ASJC Scopus subject areas

    • Information Systems and Management
    • Hardware and Architecture
    • Computer Networks and Communications


    Dive into the research topics of 'Network surveillance for detecting intrusions'. Together they form a unique fingerprint.

    Cite this