论文信息 - An Intrusion Surveillance System to Detect IRC-based DDoS Attacks

An Intrusion Surveillance System to Detect IRC-based DDoS Attacks

Distributed denial of service (DDoS) attacks has been a serious threat on security of the current Internet. Recently there is a trend that many DDoS attacks utilize Internet relay chat (IRC) infrastructures as the communication channels. In this paper we propose an intrusion surveillance system (ISS) to detect IRC-based DDoS attacks. The main functions of ISS are to observe network conditions, gather intelligence from distributed sources, and determine what potential attacks will likely happen. We give the detailed design of ISS in this paper. We also implement this system by using a new approach of text-based decision making - distributed preference-based surveillance (DPBS) algorithm. By experiments we demonstrate that this distributed algorithm can effectively identify potential IRC-based DDoS attacks based on the information from different locations

Wanlei Zhou | Yang Xiang

[1] Matthew Mathis. Windowed Ping: An IP Layer Performance Diagnostic , 1994, Comput. Networks ISDN Syst..

[2] David Geer,et al. Malicious bots threaten network security , 2005, Computer.

[3] Jarkko Oikarinen,et al. Internet Relay Chat Protocol , 1993, RFC.

[4] Mark Allman,et al. Measuring end-to-end bulk transfer capacity , 2001, IMW '01.

[5] Lee Garber,et al. Denial-of-Service Attacks Rip the Internet , 2000, Computer.

[6] John McHugh,et al. Defending Yourself: The Role of Intrusion Detection Systems , 2000, IEEE Software.

[7] Lluís Màrquez i Villodre,et al. Boosting Trees for Anti-Spam Email Filtering , 2001, ArXiv.

[8] Georgios Paliouras,et al. An evaluation of Naive Bayesian anti-spam filtering , 2000, ArXiv.

[9] Wanlei Zhou,et al. A reactive system architecture for building fault-tolerant distributed applications , 2004, J. Syst. Softw..

[10] Jim Mellander,et al. Intrusion Detection & Prevention , 2003 .

[11] Giovanni Vigna,et al. Intrusion detection: a brief history and overview , 2002 .

[12] Thorsten Holz. A Short Visit to the Bot Zoo , 2005, IEEE Secur. Priv..

[13] Tianshun Yao,et al. An evaluation of statistical spam filtering techniques , 2004, TALIP.

[14] L. Spitzner,et al. Honeypots: Tracking Hackers , 2002 .

[15] Gregg H. Gunsch,et al. An artificial immune system architecture for computer security applications , 2002, IEEE Trans. Evol. Comput..