PIDS: A Behavioral Framework for Analysis and Detection of Network Printer Attacks

机译：PIDS：用于分析和检测网络打印机攻击的行为框架

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Nowadays, every organization might be attacked through its network printers. The malicious exploitation of printing protocols is a dangerous and underestimated threat against every printer today. This article presents PIDS (Printers' IDS), an intrusion detection system for detecting attacks on printing protocols. PIDS continuously captures various features and events obtained from traffic produced by printing protocols in order to detect attacks. As part of this research, we conducted thousands of automatic and manual printing protocol attacks on various printers and recorded thousands of the printers' benign network sessions. Then we applied various supervised machine learning algorithms to classify the collected data as normal (benign) or abnormal (malicious). We evaluated several detection algorithms in order to obtain the best detection results for malicious protocol traffic of printers. Our empirical results suggest that the proposed framework is effective in detecting printing protocol attacks, providing an accuracy of 99.9 with negligible false-positive rate.

机译：如今，每个组织都可能通过其网络打印机受到攻击。对打印协议的恶意利用对当今的每台打印机都是危险且被低估的威胁。本文介绍了PIDS（打印机IDS），这是一种用于检测对打印协议的攻击的入侵检测系统。 PIDS连续捕获从打印协议产生的流量中获得的各种功能和事件，以检测攻击。作为这项研究的一部分，我们对各种打印机进行了数千次自动和手动打印协议攻击，并记录了数千个打印机的良性网络会话。然后，我们应用了各种监督的机器学习算法，将收集到的数据分类为正常（良性）或异常（恶意）。我们评估了几种检测算法，以获得针对打印机的恶意协议流量的最佳检测结果。我们的经验结果表明，所提出的框架可有效检测打印协议攻击，提供99.9的准确率和可忽略的假阳性率。

著录项

来源
《International Conference on Malicious and Unwanted Software》|2018年|87-94|共8页
会议地点
作者
Asaf Hecht; Adi Sagi; Yuval Elovici;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Printers; Protocols; Printing; Tools; Feature extraction; Three-dimensional displays; Telecommunication traffic;

机译：打印机;协议;打印;工具;特征提取;三维显示;电信流量;

相似文献

外文文献
中文文献
专利

1. Detection and Fortification Analysis of WiMAX Network: With Misbehavior Node Attack [J] . Rakesh Kumar Jha, Idris Z. Bholebawa, Upena D. Dalal, International journal of communications, network, and system sciences . 2012,第6期

机译：WiMAX网络的检测和设防分析：具有不当行为节点攻击
2. Detection and Fortification Analysis of WiMAX Network:With Misbehavior Node Attack [J] . Rakesh Kumar Jha, Idris Z. Bholebawa, Upena D. Dalai, International Journal of Communications, Network and System Sciences . 2012,第6期

机译：WiMAX网络的检测与设防分析：节点行为不当攻击
3. An ensemble learning and fog-cloud architecture-driven cyber-attack detection framework for IoMT networks [J] . Kumar Prabhat, Gupta Govind P., Tripathi Rakesh Computer Communications . 2021,第Jana期

机译：IOMT网络的集合学习和迷雾云架构驱动的网络攻击检测框架
4. PIDS: A Behavioral Framework for Analysis and Detection of Network Printer Attacks [C] . Asaf Hecht, Adi Sagi, Yuval Elovici International Conference on Malicious and Unwanted Software . 2018

机译：PIDS：用于分析和检测网络打印机攻击的行为框架
5. A framework for signal strength based intrusion detection system for link layer attacks in wireless network. [D] . Li, Chen Guang. 2008

机译：一种基于信号强度的入侵检测系统框架，用于无线网络中的链路层攻击。
6. Coupling infectious diseases human preventive behavior and networks – A conceptual framework for epidemic modeling [O] . Liang Mao, Yan Yang -1

机译：传染病人类预防行为和网络的耦合-流行病建模的概念框架
7. A self-healing framework to combat cyber attacks. Analysis and development of a self-healing mitigation framework against controlled malware attacks for enterprise networks. [O] . Alhomoud Adeeb M. 2014

机译：打击网络攻击的自我修复框架。分析和开发针对企业网络的受控恶意软件攻击的自我修复缓解框架。

PIDS: A Behavioral Framework for Analysis and Detection of Network Printer Attacks

摘要

著录项

相似文献

相关主题

期刊订阅