@inproceedings{4aecaa1bcbb64828970e36e8711655cc,
title = "A Network Scanning Detection Method Based on TCP Flow State",
abstract = "Network scanning is always the beginning action of network attack and recent detection methods are hard to detect distributed scanning behavior. This paper proposes a Network Scanning Detection algorithm based on Flow State (NSCDFS) to precisely detect both traditional scanning and distributed scanning. The algorithm divides the state of flows into 6 stages and set the state of each flow according to the flag value of its package. And based on the situation of flows' state from the same source IP address, the traditional scanning and the distributed scanning can be detected precisely. And the experimental result shows the algorithm works well in the high speed network.",
keywords = "Distributed Scanning, Flow State, High Speed Network, Network Scanning",
author = "Qiao Hong and Tian Jianwei and Ying Ying and Tian Zheng and Zhu Hongyu and Li Shu",
note = "Publisher Copyright: {\textcopyright} 2018 IEEE.; 3rd International Conference on Smart City and Systems Engineering, ICSCSE 2018 ; Conference date: 29-12-2018 Through 30-12-2018",
year = "2018",
month = jul,
day = "2",
doi = "10.1109/ICSCSE.2018.00089",
language = "英语",
series = "Proceedings - 2018 3rd International Conference on Smart City and Systems Engineering, ICSCSE 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "419--422",
booktitle = "Proceedings - 2018 3rd International Conference on Smart City and Systems Engineering, ICSCSE 2018",
}