BRAIN: BehavioR Based Adaptive Intrusion Detection in Networks: Using Hardware Performance Counters to Detect DDoS Attacks

机译：脑：网络中基于行为的自适应入侵检测：使用硬件性能计数器检测DDoS攻击

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Denial-of-Service (DoS) and Distributed Denial-of Service (DDoS) attacks account for one third of all service downtime incidents. Current DoS/DDoS attacks are not only limited to knocking down online services, but they also disguise other malicious attacks such as delivering malware, data-theft, wire fraud and even extortion. Detection of these attacks is predominantly based on the packet data and metrics derived only from packets. This work proposes a host based DDoS detection framework called BRAIN: BehavioR based Adaptive Intrusion detection in Networks. BRAIN leverages already available Hardware Performance Counters in modern processors to model the application behavior using low-level hardware events. BRAIN combines network statistics and modeled application behavior to detect DDoS attacks using machine learning. Our experiments show that BRAIN can detect multiple types of DDoS attacks, including those are undetectable by existing tools with an accuracy of 99.8% and a false alarm rate of 0%.

机译：拒绝服务（DoS）和分布式拒绝服务（DDoS）攻击占所有服务停机事件的三分之一。当前的DoS / DDoS攻击不仅限于关闭在线服务，而且还掩盖了其他恶意攻击，例如传递恶意软件，数据盗窃，电汇欺诈甚至勒索。这些攻击的检测主要基于数据包数据和仅从数据包得出的指标。这项工作提出了一种基于主机的DDoS检测框架，称为BRAIN：网络中基于BehavioR的自适应入侵检测。 BRAIN利用现代处理器中已经可用的硬件性能计数器来使用低级硬件事件对应用程序行为进行建模。 BRAIN结合了网络统计信息和建模的应用程序行为，以使用机器学习检测DDoS攻击。我们的实验表明，BRAIN可以检测多种类型的DDoS攻击，包括现有工具无法检测到的DDoS攻击，其准确性为99.8％，错误警报率为0％。

著录项

来源
《International Conference on VLSI Design;International Conference on Embedded Systems》|2016年|587-588|共2页
会议地点
作者
Vinayaka Jyothi; Xueyang Wang; Sateesh K. Addepalli; Ramesh Karri;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Application security; BRAIN; DDoS; HPC; Hardware Performance Couners; Intrusion detection; Machine Leaning; Network Security; apdaptive; behavior based;

机译：应用程序安全性; BRAIN; DDoS; HPC;硬件性能计数器;入侵检测;机器学习;网络安全性;自适应;基于行为;

相似文献

外文文献
中文文献
专利

1. Intrusion Detection System to Detect DDoS Attack in Gnutella Hybrid P2P Network [J] . Mueen Uddin, Raed Alsaqour, Maha Abdelhaq Indian Journal of Science and Technology . 2013,第2期

机译：入侵检测系统可检测Gnutella混合P2P网络中的DDoS攻击
2. Adapted stream region for packet marking based on DDoS attack detection in vehicular ad hoc networks [J] . Kolandaisamy Raenu, Noor Rafidah Md, Zaba Muhammad Reza, Journal of supercomputing . 2020,第8期

机译：基于车辆临时网络中DDOS攻击检测的分组标记的适应流区域
3. Real time detection of cache-based side-channel attacks using hardware performance counters [J] . Chiappetta Marco, Savas Erkay, Yilmaz Cemal Applied Soft Computing . 2016,第Null期

机译：使用硬件性能计数器实时检测基于缓存的边信道攻击
4. BRAIN: BehavioR Based Adaptive Intrusion Detection in Networks: Using Hardware Performance Counters to Detect DDoS Attacks [C] . Vinayaka Jyothi, Xueyang Wang, Sateesh K. Addepalli, International Conference on VLSI Design . 2016

机译：BRAUS：网络中的行为自适应入侵检测：使用硬件性能计数器检测DDOS攻击
5. DDoS attacks: Detecting attacks and defending the network [D] . Heinrich, Robert 2015

机译：DDoS攻击：检测攻击并防御网络
6. Countering DDoS Attacks in SIP Based VoIP Networks Using Recurrent Neural Networks [O] . Waleed Nazih, Yasser Hifny, Wail S. Elkilani, 2020

机译：使用经常性神经网络对基于SIP的VoIP网络进行反击DDOS攻击
7. Intrusion Detection System to Detect DDoS Attack in Gnutella Hybrid P2P Network [O] . Mueen Uddin 2013

机译：入侵检测系统检测GNUTELLA混合P2P网络中的DDOS攻击

BRAIN: BehavioR Based Adaptive Intrusion Detection in Networks: Using Hardware Performance Counters to Detect DDoS Attacks

摘要

著录项

相似文献

相关主题

期刊订阅