Identifying computers hidden behind a nat using machine learning techniques Academic Article uri icon

abstract

  • Abstract: Attackers may use computers hidden behind a Network Address Translator (NAT) in order to conduct malicious activities such as denial of service (DoS). In such cases law enforcement agencies are unable in many cases to single out an attacker from all the users hidden behind the NAT. In this paper we present an innovative approach for clustering the sessions emanating from the NAT in order to identify the attacker. Each cluster should ideally include only the sessions emanating from a specific computer. A system that …

publication date

  • January 1, 2007