 |
The Fifth International Conference on Internet and Web Applications and Services ICIW 2010 May 9 - 15, 2010 - Barcelona, Spain |
| Tutorials |
T1. Advanced Statistical Approaches for Network Anomaly Detection
Christian Callegari, University of Pisa, Italy
T2. Understanding the Threat of Botnets
Basheer Al-Duwairi, Jordan University of Science & Technol, Jordan
DETAILS
T1. Advanced Statistical Approaches for Network Anomaly Detection
Christian Callegari, University of Pisa, Italy
This tutorial provides an overview of the most relevant statistical approaches for network anomaly detection. In the first part, starting from the seminal work by Denning, the basic concepts about anomaly detection will be introduced. In the second part of the tutorial, some of the most recent and relevant works about statistical anomaly detection will be discussed. For each of the presented methods the description of the theoretical background, focusing on why the method should be effective in detecting network anomalies, will be accompanied by a discussion on the anomalies that can be detected and on the achievable results.
T2. Understanding the Threat of Botnets
Basheer Al-Duwairi, Jordan University of Science & Technol, Jordan
Botnets represent an immanent threat for today’s Internet. The people directing these botnets, called botmasters or botherders, are increasingly using these large networks of compromised machines to generate different types of attacks that include spam, distributed denial of service (DDoS), click fraud, identity theft, etc. In this context, botnets can be viewed as a dangerous attack infrastructure and a source for many of the security incidents that we see every day. These malicious networks generally operate in two main planes: the command and control (C&C) plane where bots receive commands from the botmaster and take several forms with different levels of sophistication and robustness, and the activity plane where bots execute these commands to launch different types of attacks.
