Early detection and limitation Hot-IPs using Non-Adaptive Group Testing and dynamic firewall rules

In this paper, we propose a solution for quickly detecting and limiting Hot-IPs using the Non-Adaptive Group Testing method and dynamic firewall rules. Hot-IPs are hosts that appear with high frequency in a network. They can be threats such as denial-of-service attacks or Internet worms. Therefore, detecting and limiting Hot-IPs quickly is very important for decreasing these risks in a network. The non-adaptive group testing method is used to detect Hot-IPs quickly. We also implement a parallel processing algorithm with PVM to reduce the decoding time. In addition, we use dynamic firewall rules to increase flexibility and security. This approach helps to decrease rule lookup time and improve firewall processing performance.
