论文信息 - On-Line Detection of Distributed Attacks from Space-Time Network Flow Patterns

On-Line Detection of Distributed Attacks from Space-Time Network Flow Patterns

Abstract : Parametric and non-parametric change detection algorithms are applied to the problem of detecting changes in the direction of traffic flow. The directionality of the change in a network flow is assumed to have an objective or target. The particular problem of detecting distributed denial of service attacks from distributed observations is presented as a working framework. The performance of our change detection algorithms is evaluated via simulations.

[1] Michèle Basseville,et al. Detection of abrupt changes: theory and application , 1993 .

[2] Vern Paxson,et al. How to Own the Internet in Your Spare Time , 2002, USENIX Security Symposium.

[3] Alexander G. Tartakovsky,et al. A novel approach to detection of \denial{of{service" attacks via adaptive sequential and batch{sequential change{point detection methods , 2001 .

[4] Alʹbert Nikolaevich Shiri︠a︡ev,et al. Optimal stopping rules , 1977 .

[5] George M. Weaver,et al. Trends in Denial of Service Attack Technology CERT ® Coordination Center , 2001 .

[6] K. M. Van Hee. Optimal stopping rules: A.N. SHIRYAYEV, Vol. 8, in: A.V. Balakrishnan (Man. Ed.), Applications of mathematics, Springer, Berlin, 1978, x + 217 pages, cloth DM 54.00, US $27.00. , 1979 .

[7] Albert-László Barabási,et al. Statistical mechanics of complex networks , 2001, ArXiv.

[8] B. Stephan. Optimal filtering for denial of service mitigation , 2002, Proceedings of the 41st IEEE Conference on Decision and Control, 2002..

[9] Kang G. Shin,et al. Detecting SYN flooding attacks , 2002, Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies.

[10] Kevin J. Houle,et al. Trends in Denial of Service Attack Technology , 2001 .