U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

Understanding Increasing Traffic Levels for Internet Abuse Detection

NCJ Number
219751
Journal
Security Journal Volume: 20 Issue: 2 Dated: 2007 Pages: 63-76
Author(s)
P. Standford; D. J. Parish; J. M. Standford
Date Published
2007
Length
14 pages
Annotation
This article describes the experimental implementation of a process designed to overcome the difficulty in processing network traffic for the detection of Internet abuse.
Abstract
The process used to overcome the difficulties associated with processing all network traffic is based on processing summaries of network traffic rather than individual packets. The experimental approach described works by capturing individual packets from the network and summarizing the specific characteristics of the headers. These summaries can then be analyzed by using data mining tools that can identify abuse or unusual characteristics. The resulting analysis results can then be used to refine the summarization process to improve efficiency and to provide a means of responding to new threats. The authors explain that Internet abuse is a serious problem that undermines e-business commerce. Unfortunately, certain types of Internet misuse can only be identified and prevented within the network core. This is problematic because as Internet communication data rates rise, processing all network traffic in the hopes of ferreting out Internet abuse becomes increasingly difficult. The authors offer an overview of Internet misuse as well as discussions of Internet data rate issues, processing issues, legal issues, and practical issues. Figures, references