Network Telescope Research Papers - Academia.edu
Recent papers in Network Telescope
The use of Network Telescope systems has become increasingly popular amongst
security researchers in recent years. This study provides a framework for the utilisation
of this data. The research is based on a primary dataset of 40 million events
spanning 50 months collected using a small (/24) passive network telescope located
in African IP space. This research presents a number of differing ways in which
the data can be analysed ranging from low level protocol based analysis to higher
level analysis at the geopolitical and network topology level. Anomalous traffic
and illustrative anecdotes are explored in detail and highlighted. A discussion relating
to bogon traffic observed is also presented. Two novel visualisation tools are
presented, which were developed to aid in the analysis of large network telescope
datasets. The first is a three-dimensional visualisation tool which allows for live,
near-realtime analysis, and the second is a two-dimensional fractal based plotting
scheme which allows for plots of the entire IPv4 address space to be produced,
and manipulated. Using the techniques and tools developed for the analysis of
this dataset, a detailed analysis of traffic recorded as destined for port 445/tcp is
presented. This includes the evaluation of traffic surrounding the outbreak of the
Conficker worm in November 2008. A number of metrics relating to the description
and quantification of network telescope configuration and the resultant traffic captures
are described, the use of which it is hoped will facilitate greater and easier
collaboration among researchers utilising this network security technology. The
research concludes with suggestions relating to other applications of the data and
intelligence that can be extracted from network telescopes, and their use as part of
an organisation’s integrated network security systems.