Skip to Main content Skip to Navigation
New interface

Capture and Study of Attackers in Darknet

Manobala Namasivayam Nirmala 1 
1 MADYNES - Management of dynamic networks and services
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : In this report, we detail the analysis of data captured from network telescopes deployed in Nancy and Tokyo that is to be indexed in a distributed search engine. A visual statistical analysis is performed on the indexed data and then the data is characterized to find network scan attacks. Dynamic adaptive clustering technique is used to detect scan attacks like IP sweep and port sweep in network data, which are later further categorized into sub types based on the cluster type. The data derived from visualizations of the indexed network data is compared against the attacks detected using the clustering algorithm, to detect similarities between them, if available. Additionally, results were analyzed to check if attacks spread over a long period of time could be detected using clustering. Then from the derived analytics the most frequently targeted ports are extracted for both Nancy and Tokyo to provide an overview of the targeted services running on those ports.A comprehensive comparative analysis is made to determine more information about the geographical variance in attack patterns between the network data gathered in Nancy and Tokyo.
Complete list of metadata
Contributor : Jérôme François Connect in order to contact the contributor
Submitted on : Wednesday, December 16, 2015 - 1:21:22 PM
Last modification on : Thursday, October 27, 2022 - 1:45:02 PM


  • HAL Id : hal-01244875, version 1



Manobala Namasivayam Nirmala. Capture and Study of Attackers in Darknet. [Internship report] Université de Lorraine. 2015. ⟨hal-01244875⟩



Record views