A novel approach to finding frequency patterns in noisy network traffic
by Hall, Charles Anthony, M.S., IOWA STATE UNIVERSITY, 2007, 66 pages; 1443128

Abstract:

Due to the growing risks associated with owning a computer, most individuals and businesses run one or more computer security programs. Such programs include anti-virus software, anti-spyware software, encryption, firewalls, and intrusion detection and prevention systems. Unfortunately, each tool has its inherent vulnerabilities which criminals are able to exploit. Often, when a machine is compromised, a malicious program is installed. A common characteristic of many malicious programs is the tendency to make outbound connections on a periodic basis. We aim to use this characteristic to identify compromised machines. In this approach we create a time series from outbound connection times. We then search the time series for patterns. For each pattern we can determine its frequency, its length, whether it is still active, the time of each connection, and the participating machines. Our tests have shown that we can efficiently find patterns in time series data sets.
 
AdviserJohnny S. Wong
SchoolIOWA STATE UNIVERSITY
SourceMAI/ 45-05, p. , Jul 2007
Source TypeThesis
SubjectsComputer science
Publication Number1443128
Adobe PDF Access the complete dissertation:
 

» Find an electronic copy at your library.
  Use the link below to access a full citation record of this graduate work:
  http://gateway.proquest.com/openurl%3furl_ver=Z39.88-2004%26res_dat=xri:pqdiss%26rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation%26rft_dat=xri:pqdiss:1443128
  If your library subscribes to the ProQuest Dissertations & Theses (PQDT) database, you may be entitled to a free electronic version of this graduate work. If not, you will have the option to purchase one, and access a 24 page preview for free (if available).

About ProQuest Dissertations & Theses
With over 2.3 million records, the ProQuest Dissertations & Theses (PQDT) database is the most comprehensive collection of dissertations and theses in the world. It is the database of record for graduate research.

The database includes citations of graduate works ranging from the first U.S. dissertation, accepted in 1861, to those accepted as recently as last semester. Of the 2.3 million graduate works included in the database, ProQuest offers more than 1.9 million in full text formats. Of those, over 860,000 are available in PDF format. More than 60,000 dissertations and theses are added to the database each year.

If you have questions, please feel free to visit the ProQuest Web site - http://www.proquest.com - or call ProQuest Hotline Customer Support at 1-800-521-3042.