Publication details

Netflow Based System for NAT Detection



Year of publication 2009
Type Article in Proceedings
Conference Co-Next Student Workshop '09: Proceedings of the 5th international student workshop on Emerging networking experiments and technologies
MU Faculty or unit

Institute of Computer Science

Field Informatics
Keywords Netflow; NAT detection; network security
Description Revealing the misuse of network resources is one of the im- portant fields in the network security, especially for the network administrators. One of them is the use of unauthorized NAT (Network Address Translation) devices (e.g. small office routers or wireless access points) inside the network which introduces serious security issues. There are several techniques proposed on how to detect NAT devices in the computer networks, but all these methods suffer from high false positive rate. Also there is no study how to perform NAT detection using NetFlow data, often used for monitoring and forensics analysis in large networks. The contribution of our work consists of the following: i) we have transformed existing NAT detection techniques to work with NetFlow data, ii) we propose three new NAT detection approaches, iii) we have designed a prototype of NAT detection system, which aggregates the results from various NAT detection techniques in order to minimize false positive and false negative rates.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info