Skip to Main content Skip to Navigation
Conference papers

Exploratory Data Analysis of a Network Telescope Traffic and Prediction of Port Probing Rates

Abstract : Understanding the properties exhibited by large scale network probing traffic would improve cyber threat intelligence. In addition, the prediction of probing rates is a key feature for security practitioners in their endeavors for making better operational decisions and for enhancing their defense strategy skills. In this work, we study different aspects of the traffic captured by a /20 network telescope. First, we perform an exploratory data analysis of the collected probing activities. The investigation includes probing rates at the port level, services interesting top network probers and the distribution of probing rates by geolocation. Second, we extract the network probers exploration patterns. We model these behaviors using transition graphs decorated with probabilities of switching from a port to another. Finally, we assess the capacity of Non-stationary Autoregressive and Vector Autoregressive models in predicting port probing rates as a first step towards using more robust models for better forecasting performance.
Document type :
Conference papers
Complete list of metadata

Cited literature [10 references]  Display  Hide  Download
Contributor : Jérôme François Connect in order to contact the contributor
Submitted on : Friday, December 7, 2018 - 12:54:24 PM
Last modification on : Saturday, October 16, 2021 - 11:26:10 AM
Long-term archiving on: : Friday, March 8, 2019 - 2:36:59 PM


Files produced by the author(s)


  • HAL Id : hal-01947984, version 1




Mehdi Zakroum, Abdellah Houmz, Mounir Ghogho, Ghita Mezzour, Abdelkader Lahmadi, et al.. Exploratory Data Analysis of a Network Telescope Traffic and Prediction of Port Probing Rates. ISI 2018 - IEEE Intelligence and Security Informatics, Nov 2018, Miami, United States. ⟨hal-01947984⟩



Record views


Files downloads