Tang et al., 2018 - Google Patents

Low-rate dos attack detection based on two-step cluster analysis

Document ID
14019540840444105749
Author
Tang D
Dai R
Tang L
Zhan S
Man J
Publication year
Publication venue
International Conference on Information and Communications Security

Snippet

The low-rate denial of service (LDoS) attacks reduce the throughput of TCP traffic by sending high rate and short duration bursts periodically to the victim. Although many LDoS attack detection methods have been proposed, LDoS attacks are still difficult to accurately …

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1458 Denial of Service
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F17/00 Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/30 Information retrieval; Database structures therefor; File system structures therefor
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209 Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218 Distributed architectures, e.g. distributed firewalls
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing packet switching networks
    • H04L43/02 Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
    • H04L43/026 Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06N COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N99/00 Subject matter not provided for in other groups of this subclass
    • G06N99/005 Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/02 Details
    • H04L12/26 Monitoring arrangements; Testing arrangements
    • H04L12/2602 Monitoring arrangements

Similar Documents

Publication Publication Date Title
Gao et al. A distributed network intrusion detection system for distributed denial of service attacks in vehicular ad hoc network
Verma et al. Statistical analysis of CIDDS-001 dataset for network intrusion detection systems using distance-based machine learning
Jeya et al. Efficient classifier for R2L and U2R attacks
Xiao et al. Towards network anomaly detection using graph embedding
Tang et al. Low-rate dos attack detection based on two-step cluster analysis
Tang et al. Low-rate DoS attack detection based on two-step cluster analysis and UTR analysis
Bajaj et al. Dimension reduction in intrusion detection features using discriminative machine learning approach
Sharon et al. An intelligent intrusion detection system using hybrid deep learning approaches in cloud environment
Sree et al. HADM: detection of HTTP GET flooding attacks by using Analytical hierarchical process and Dempster–Shafer theory with MapReduce
Kozik et al. Pattern extraction algorithm for NetFlow‐based botnet activities detection
Liu et al. A survey on encrypted traffic identification
Sait et al. Multi-level anomaly detection: Relevance of big data analytics in networks
Ban et al. Detection of botnet activities through the lens of a large-scale darknet
Jyothsna et al. Flow based anomaly intrusion detection system using ensemble classifier with Feature Impact Scale
Tang et al. HSLF: HTTP header sequence based lsh fingerprints for application traffic classification
Hajimaghsoodi et al. Rad: A statistical mechanism based on behavioral analysis for ddos attack countermeasure
RU148692U1 (en) COMPUTER SECURITY EVENTS MONITORING SYSTEM
Zwane et al. Ensemble learning approach for flow-based intrusion detection system
CN103501302B (en) Method and system for automatically extracting worm features
Sharma et al. An overview of flow-based anomaly detection
Min et al. Online Internet traffic identification algorithm based on multistage classifier
Shraya Taruna et al. Enhanced naive bayes algorithm for intrusion detection in data mining
Jing et al. DDoS detection based on graph structure features and non‐negative matrix factorization
Shaikh et al. Advanced signature-based intrusion detection system
Feng et al. Toward explainable and adaptable detection and classification of distributed denial-of-service attacks