Detection of Distributed Denial of Service attacks in NMS Proactively
Publish Year: 1382
نوع سند: مقاله کنفرانسی
زبان: English
View: 2,734
This Paper With 9 Page And PDF Format Ready To Download
- Certificate
- من نویسنده این مقاله هستم
استخراج به نرم افزارهای پژوهشی:
شناسه ملی سند علمی:
ICIKT01_064
تاریخ نمایه سازی: 24 اردیبهشت 1388
Abstract:
In this paper, we report on testing the idea of proactive detection of Distributed Denial of Service (DDos) attacks.We implemented a software tool for this purpose , and did our experiments on a network management system(NMS).A new approach to implementing the idea is proposed . This method is an anomaly detection method in intrusion detection systems and detects abnormal high traffic in networks.Statistical methods perfrom better than rule-based ones, because if the attack pattern changes slightly, Statistical methods can detect them but rule-based onse cant. To validate this point and provide satisfactory experimental evidence, five DDoS attacks have been chosen and benchmarked on a research testbed, and Management Indormation Base(MIB) variables were recorded in NMS.Offline processing and analysis of these data led us to a model of data through Auto Regressive (AR) and the extended(ARX) models.We found a causal relation between MIB variables in the attacker and the victim machins and found precursors of the attack at victim`s side. After extraction of MIB variables , we designed an alarm system that reports occurance of abnormal traffic. During attacks,the volume of traffic is much higher than normal runs,so this method can detect the attack.
Keywords:
Distributed Denial Of Service , Security Management , Auto Regressive Models , Management Information Base , Proactie Detection
Authors
tala tafazzoli
IranTelecommunication Research Center
Hossein Pedram
Amirkabir University of Technology
Babak Sadeghian
Amirkabir University of Technology
Cobra Rahmani
Elmo Sanat University of Technology
مراجع و منابع این Paper:
لیست زیر مراجع و منابع استفاده شده در این Paper را نمایش می دهد. این مراجع به صورت کاملا ماشینی و بر اساس هوش مصنوعی استخراج شده اند و لذا ممکن است دارای اشکالاتی باشند که به مرور زمان دقت استخراج این محتوا افزایش می یابد. مراجعی که مقالات مربوط به آنها در سیویلیکا نمایه شده و پیدا شده اند، به خود Paper لینک شده اند :