Use of IP Addresses for High Rate Flooding Attack Detection

机译：使用IP地址进行高速率泛洪攻击检测

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

High-rate flooding attacks (aka Distributed Denial of Service or DDoS attacks) continue to constitute a pernicious threat within the Internet domain. In this work we demonstrate how using packet source IP addresses coupled with a change-point analysis of the rate of arrival of new IP addresses may be sufficient to detect the onset of a high-rate flooding attack. Importantly, minimizing the number of features to be examined, directly addresses the issue of scalability of the detection process to higher network speeds. Using a proof of concept implementation we have shown how pre-onset IP addresses can be efficiently represented using a bit vector and used to modify a "white list" filter in a firewall as part of the mitigation strategy.

机译：高速泛洪攻击（又称为分布式拒绝服务或DDoS攻击）继续构成Internet域内的有害威胁。在这项工作中，我们演示了如何结合使用数据包源IP地址和新IP地址到达率的变化点分析来检测高速率泛洪攻击的发生。重要的是，最大程度地减少要检查的功能，直接解决了检测过程可扩展到更高网络速度的问题。使用概念验证的实现，我们已经展示了如何使用位向量有效地表示预启动IP地址，并将其用作缓解策略中防火墙中的“白名单”过滤器。

著录项

来源
《Security and privacy-silver linings in the cloud》|2010年|p.124-135|共12页
会议地点 Brisbane(AU);Brisbane(AU);Brisbane(AU);Brisbane(AU)
作者
Ejaz Ahmed; George Mohay; Alan Tickle; Sajal Bhatia;
展开▼
作者单位

Queensland University of Technology, GPO Box 2434 Brisbane, QLD 4001, Australia;

Queensland University of Technology, GPO Box 2434 Brisbane, QLD 4001, Australia;

Queensland University of Technology, GPO Box 2434 Brisbane, QLD 4001, Australia;

Queensland University of Technology, GPO Box 2434 Brisbane, QLD 4001, Australia;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全保密;
关键词
ip addresses; bit vector; bloom filter; cumulative sum;

机译：IP地址；位向量布隆过滤器累计金额;

相似文献

外文文献
中文文献
专利

1. An efficient detection of TCP Syn flood attacks with spoofed IP addresses [J] . Bae Youngjun, Kim Intae, Hwang Seong Oun Journal of intelligent & fuzzy systems: Applications in Engineering and Technology . 2018,第6期

机译：用欺骗IP地址有效地检测TCP SYN泛滥攻击
2. A pharming attack hybrid detection model based on IP addresses and web content [J] . Li Yuancheng, Chu Shengnan, Xiao Rui Optik: Zeitschrift fur Licht- und Elektronenoptik: = Journal for Light-and Electronoptic . 2015,第2期

机译：基于IP地址和Web内容的Pharming攻击混合检测模型
3. Black Hole Attacks Detection by Invalid Ip Addresses in Mobile Ad Hoc Networks [J] . Reza Amiri, Marjan Kuchaki Rafsanjani, Ehsan Khosravi Indian Journal of Science and Technology . 2014,第4期

机译：移动自组织网络中无效IP地址的黑洞攻击检测
4. Use of IP Addresses for High Rate Flooding Attack Detection [C] . Ejaz Ahmed, George Mohay, Alan Tickle, IFIP TC 11 international information security conference . 2010

机译：使用IP地址进行高速洪水攻击检测
5. Monitoring unknown source IP addresses and packet sizes to detect DDoS attacks [D] . Kone, Roseline Estelle Sindolmane 2014

机译：监视未知的源IP地址和数据包大小以检测DDoS攻击
6. Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers [O] . Roberto Alonso, Raúl Monroy, Luis A. Trejo 2016

机译：挖掘IP与域名的交互以检测递归DNS服务器上的DNS泛洪攻击
7. Use of IP Addresses for High Rate Flooding Attack Detection [O] . Ahmed, Ejaz, Mohay, George, Tickle, Alan, 2010

机译：使用IP地址进行高速率泛洪攻击检测
8. Highway Research: The Second Strategic Highway Research Program Addresses the Four Required Areas, but Some Anticipated Research Was Not Funded [R] . 2010

机译：公路研究：第二个战略公路研究计划解决了四个必要领域，但一些预期的研究没有资助

Use of IP Addresses for High Rate Flooding Attack Detection

摘要

著录项

相似文献

相关主题

期刊订阅