Cyber Attack Source Analysis

698 WordsFeb 24, 20183 Pages
Results At first, we will take a look at some statistical numbers we have collected in the past months. We the help of the web interface, we can easily query the database to get a quick overview of peaks in the data set that we have collected: • Average number of attack sources per day is 184.94 • Maximum number of attack sources per day was 2022 and happened at November 15, 2004. The two number show that there is a high variation in the collected data about the number of unique attack sources per day. To take a closer look at this phenomenon, we present in Table 1 the number of unique sources for six different platforms. In addition, the ta- ble presents the average number of sources per day, which shows a high variation across different platforms as well. Currently it is unclear why we have this high variation in the number of average source per day. One possible explanation for the high number of average sources for the first platform is the following: since this system is deployed within the network with the first octet 192, it presumably receives many packets from broken systems which use Network Address Translation (NAT). Such a system often use the IP range 192.168.0.0/16 (defined in RFCWindows Others Unknown Week 1 7235 18 10 Week 2 6839 26 5 Week 3 6475 38 - Week 4 7766 89 - Week 5 6594 24 64 Week 6 3599 5 58 Week 7 4640 11 92 Week 8 6247 20 83 Table 2: Operating system of attack source on weekly basis between January and February 2005 1918). If this system is infected
Open Document