Osanaiye et al., 2016 - Google Patents
Change-point cloud DDoS detection using packet inter-arrival time
- Document ID
- 12190165633143045168
- Author
- Osanaiye O
- Choo K
- Dlodlo M
- Publication year
- Publication venue
- 2016 8th Computer Science and Electronic Engineering (CEEC)
Snippet
Notwithstanding the increased popularity of cloud computing, Distributed Denial of Service (DDoS) remains a threat to its adoption. In this paper, we propose the use of a change-point monitoring algorithm to detect DDoS flooding attacks against cloud services by examining …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/02—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
- H04L43/026—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/08—Monitoring based on specific metrics
- H04L43/0876—Network utilization
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/06—Report generation
- H04L43/062—Report generation for traffic related reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/16—Arrangements for monitoring or testing packet switching networks using threshold monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/04—Processing of captured monitoring data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/12—Arrangements for monitoring or testing packet switching networks using dedicated network monitoring probes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/14—Arrangements for maintenance or administration or management of packet switching networks involving network analysis or design, e.g. simulation, network model or planning
Similar Documents
Publication | Title | Publication Date |
---|---|---|
Osanaiye et al. | Change-point cloud DDoS detection using packet inter-arrival time | |
David et al. | Efficient DDoS flood attack detection using dynamic thresholding on flow-based network traffic | |
Ponomarev et al. | Industrial control system network intrusion detection by telemetry analysis | |
David et al. | DDoS attack detection using fast entropy approach on flow-based network traffic | |
EP2953298B1 (en) | Log analysis device, information processing method and program | |
Thapngam et al. | Discriminating DDoS attack traffic from flash crowd through packet arrival patterns | |
US8776226B2 (en) | Method and apparatus for detecting SSH login attacks | |
Gadal et al. | Anomaly detection approach using hybrid algorithm of data mining technique | |
Muhammad et al. | Integrated security information and event management (siem) with intrusion detection system (ids) for live analysis based on machine learning | |
Yudhana et al. | DDoS classification using neural network and naïve bayes methods for network forensics | |
US20160352759A1 (en) | Utilizing Big Data Analytics to Optimize Information Security Monitoring And Controls | |
Subbulakshmi et al. | Detection of DDoS attacks using Enhanced Support Vector Machines with real time generated dataset | |
US9705899B2 (en) | Digital filter correlation engine | |
Fernandes Jr et al. | Autonomous profile-based anomaly detection system using principal component analysis and flow analysis | |
JP2015076863A (en) | Log analyzing device, method and program | |
Chawla et al. | Discrimination of DDoS attacks and flash events using Pearson’s product moment correlation method | |
Buragohain et al. | Anomaly based DDoS attack detection | |
Gupta et al. | GARCH and ANN-based DDoS detection and filtering in cloud computing environment | |
Mangrulkar et al. | Network attacks and their detection mechanisms: A review | |
Yu et al. | Hurst parameter based anomaly detection for intrusion detection system | |
Hnamte et al. | An extensive survey on intrusion detection systems: Datasets and challenges for modern scenario | |
Soniya et al. | Detection of randomized bot command and control traffic on an end-point host | |
Moustafa et al. | RCNF: Real-time collaborative network forensic scheme for evidence analysis | |
Khan et al. | A chaotic measure for cognitive machine classification of distributed denial of service attacks | |
Abaid et al. | Early detection of in-the-wild botnet attacks by exploiting network communication uniformity: An empirical study |