| Campo DC | Valore | Lingua |
|---|---|---|
| dc.authority.orgunit | Istituto di Elettronica e di Ingegneria dell'Informazione e delle Telecomunicazioni - IEIIT | - |
| dc.authority.people | M Aiello | it |
| dc.authority.people | D Chiarella | it |
| dc.authority.people | G Papaleo | it |
| dc.collection.id.s | b3f88f24-048a-4e43-8ab1-6697b90e068e | * |
| dc.collection.name | 01.01 Articolo in rivista | * |
| dc.contributor.appartenenza | Istituto di Elettronica e di Ingegneria dell'Informazione e delle Telecomunicazioni - IEIIT | * |
| dc.contributor.appartenenza | Istituto di linguistica computazionale "Antonio Zampolli" - ILC | * |
| dc.contributor.appartenenza.mi | 877 | * |
| dc.contributor.appartenenza.mi | 918 | * |
| dc.date.accessioned | 2024/02/20 14:08:14 | - |
| dc.date.available | 2024/02/20 14:08:14 | - |
| dc.date.issued | 2009 | - |
| dc.description.affiliations | IEIIT UOS di Genova | - |
| dc.description.allpeople | M. Aiello; D. Chiarella; G. Papaleo | - |
| dc.description.allpeopleoriginal | M. Aiello, D. Chiarella, G. Papaleo | - |
| dc.description.fulltext | none | en |
| dc.description.numberofauthors | 3 | - |
| dc.identifier.isi | WOS:000263821600022 | - |
| dc.identifier.scopus | 2-s2.0-58149105782 | - |
| dc.identifier.uri | https://hdl.handle.net/20.500.14243/56465 | - |
| dc.language.iso | eng | - |
| dc.subject.keywords | Anomaly Detection Techniques | - |
| dc.subject.keywords | indirect worm | - |
| dc.subject.keywords | real e-mail traffic. | - |
| dc.subject.singlekeyword | Anomaly Detection Techniques | * |
| dc.subject.singlekeyword | indirect worm | * |
| dc.subject.singlekeyword | real e-mail traffic | * |
| dc.title | Statistical anomaly detection on real e-mail traffic | en |
| dc.type.driver | info:eu-repo/semantics/article | - |
| dc.type.full | 01 Contributo su Rivista::01.01 Articolo in rivista | it |
| dc.type.miur | 262 | - |
| dc.type.referee | Sì, ma tipo non specificato | - |
| dc.ugov.descaux1 | 79866 | - |
| iris.isi.extIssued | 2009 | - |
| iris.isi.extTitle | Statistical Anomaly Detection on Real e-Mail Traffic | - |
| iris.orcid.lastModifiedDate | 2025/03/20 01:14:03 | * |
| iris.orcid.lastModifiedMillisecond | 1742429643990 | * |
| iris.scopus.extIssued | 2009 | - |
| iris.scopus.extTitle | Statistical anomaly detection on real e-mail traffic | - |
| iris.scopus.ideLinkStatusDate | 2024/05/30 16:50:16 | * |
| iris.scopus.ideLinkStatusMillisecond | 1717080616837 | * |
| iris.sitodocente.maxattempts | 4 | - |
| isi.authority.anceserie | ADVANCES IN SOFT COMPUTING###1615-3871 | * |
| isi.category | EP | * |
| isi.category | PN | * |
| isi.category | ET | * |
| isi.contributor.affiliation | Consiglio Nazionale delle Ricerche (CNR) | - |
| isi.contributor.affiliation | Consiglio Nazionale delle Ricerche (CNR) | - |
| isi.contributor.affiliation | Consiglio Nazionale delle Ricerche (CNR) | - |
| isi.contributor.country | Italy | - |
| isi.contributor.country | Italy | - |
| isi.contributor.country | Italy | - |
| isi.contributor.name | Maurizio | - |
| isi.contributor.name | Davide | - |
| isi.contributor.name | Gianluca | - |
| isi.contributor.researcherId | B-7583-2015 | - |
| isi.contributor.researcherId | C-3459-2015 | - |
| isi.contributor.researcherId | B-7568-2015 | - |
| isi.contributor.subaffiliation | Natl Res Council | - |
| isi.contributor.subaffiliation | Natl Res Council | - |
| isi.contributor.subaffiliation | Natl Res Council | - |
| isi.contributor.surname | Aiello | - |
| isi.contributor.surname | Chiarella | - |
| isi.contributor.surname | Papaleo | - |
| isi.date.issued | 2009 | * |
| isi.description.abstracteng | There are many recent studies and proposal in Anomaly Detection Techniques, especially in worm and virus detection. In this field it does matter to answer few important questions like at which ISO/OSI layer data analysis is done and which approach is used. Furthermore these works suffer of scarcity of real data due to lack of network resources or privacy problem: almost every work in this sector uses synthetic (e.g. DARPA) or pre-made set of data. Our study is based on layer seven quantities (number of e-mail sent in a chosen period): we analyzed quantitatively our network e-mail traffic (4 SMTP servers, 10 class C networks) and applied our method on gathered data to detect indirect worm infection (worms which use e-mail to spread infection). ne method is a threshold method and, in our dataset, it identified various worm activities. In this document we show our data analysis and results in order to stimulate new approaches and debates in Anomaly Intrusion Detection Techniques. | * |
| isi.description.allpeopleoriginal | Aiello, M; Chiarella, D; Papaleo, G; | * |
| isi.document.sourcetype | WOS.ISTP | * |
| isi.document.type | Proceedings Paper | * |
| isi.document.types | Proceedings Paper | * |
| isi.identifier.isi | WOS:000263821600022 | * |
| isi.journal.journaltitle | PROCEEDINGS OF THE INTERNATIONAL WORKSHOP ON COMPUTATIONAL INTELLIGENCE IN SECURITY FOR INFORMATION SYSTEMS CISIS 2008 | * |
| isi.journal.journaltitleabbrev | ADV SOFT COMP | * |
| isi.language.original | English | * |
| isi.publisher.place | HEIDELBERGER PLATZ 3, D-14197 BERLIN, GERMANY | * |
| isi.relation.firstpage | 170 | * |
| isi.relation.lastpage | 177 | * |
| isi.relation.volume | 53 | * |
| isi.title | Statistical Anomaly Detection on Real e-Mail Traffic | * |
| scopus.authority.anceserie | ADVANCES IN SOFT COMPUTING###1615-3871 | * |
| scopus.category | 1701 | * |
| scopus.category | 2206 | * |
| scopus.category | 1706 | * |
| scopus.contributor.affiliation | IEIIT | - |
| scopus.contributor.affiliation | University of Genoa | - |
| scopus.contributor.affiliation | University of Genoa | - |
| scopus.contributor.afid | 60021199 | - |
| scopus.contributor.afid | 60025153 | - |
| scopus.contributor.afid | 60025153 | - |
| scopus.contributor.auid | 56962751700 | - |
| scopus.contributor.auid | 25930765400 | - |
| scopus.contributor.auid | 6603132158 | - |
| scopus.contributor.country | Italy | - |
| scopus.contributor.country | Italy | - |
| scopus.contributor.country | Italy | - |
| scopus.contributor.dptid | - | |
| scopus.contributor.dptid | 104273246 | - |
| scopus.contributor.dptid | 104273246 | - |
| scopus.contributor.name | Maurizio | - |
| scopus.contributor.name | Davide | - |
| scopus.contributor.name | Gianluca | - |
| scopus.contributor.subaffiliation | National Research Council; | - |
| scopus.contributor.subaffiliation | Department of Computer and Information Sciences; | - |
| scopus.contributor.subaffiliation | Department of Computer and Information Sciences; | - |
| scopus.contributor.surname | Aiello | - |
| scopus.contributor.surname | Chiarella | - |
| scopus.contributor.surname | Papaleo | - |
| scopus.date.issued | 2009 | * |
| scopus.description.abstracteng | There are many recent studies and proposal in Anomaly Detection Techniques, especially in worm and virus detection. In this field it does matter to answer few important questions like at which ISO/OSI layer data analysis is done and which approach is used. Furthermore these works suffer of scarcity of real data due to lack of network resources or privacy problem: almost every work in this sector uses synthetic (e.g. DARPA) or pre-made set of data. Our study is based on layer seven quantities (number of e-mail sent in a chosen period): we analyzed quantitatively our network e-mail traffic (4 SMTP servers, 10 class C networks) and applied our method on gathered data to detect indirect worm infection (worms which use e-mail to spread infection). The method is a threshold method and, in our dataset, it identified various worm activities. In this document we show our data analysis and results in order to stimulate new approaches and debates in Anomaly Intrusion Detection Techniques. © 2009 Springer-Verlag Berlin Heidelberg. | * |
| scopus.description.allpeopleoriginal | Aiello M.; Chiarella D.; Papaleo G. | * |
| scopus.differences | scopus.relation.lastpage | * |
| scopus.differences | scopus.subject.keywords | * |
| scopus.differences | scopus.relation.firstpage | * |
| scopus.differences | scopus.description.allpeopleoriginal | * |
| scopus.differences | scopus.identifier.doi | * |
| scopus.differences | scopus.description.abstracteng | * |
| scopus.differences | scopus.relation.volume | * |
| scopus.document.type | cp | * |
| scopus.document.types | cp | * |
| scopus.identifier.doi | 10.1007/978-3-540-88181-0_22 | * |
| scopus.identifier.eissn | 1860-0794 | * |
| scopus.identifier.isbn | 9783540881803 | * |
| scopus.identifier.pui | 354019673 | * |
| scopus.identifier.scopus | 2-s2.0-58149105782 | * |
| scopus.journal.sourceid | 21100778845 | * |
| scopus.language.iso | eng | * |
| scopus.relation.firstpage | 170 | * |
| scopus.relation.lastpage | 177 | * |
| scopus.relation.volume | 53 | * |
| scopus.subject.keywords | Anomaly Detection Techniques; Indirect worm; Real e-mail traffic; | * |
| scopus.title | Statistical anomaly detection on real e-mail traffic | * |
| scopus.titleeng | Statistical anomaly detection on real e-mail traffic | * |
| Appare nelle tipologie: | 01.01 Articolo in rivista | |
File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
