A cascade architecture for DoS attacks detection based on the wavelet transform
作者: Alberto Dainotti , Antonio Pescapé , Giorgio Ventre
关键词:
摘要: In this paper we propose an automated system able to detect volume-based anomalies in network traffic caused by Denial of Service (DoS) attacks. We designed a with two-stage architecture that combines more traditional change point detection approaches (Adaptive Threshold and Cumulative Sum) novel one based on the Continuous Wavelet Transform. The presented anomaly is achieve good results terms trade-off between correct detections false alarms, estimation duration, ability distinguish subsequent anomalies. test our using set publicly available attack-free traces which superimpose profiles obtained both as time series known common behaviors generating real tools for DoS Extensive show how proposed accurately detects wide range performance indicators are affected characteristics (i.e. amplitude duration). Moreover, separately consider evaluate some special test-cases.
medra.org 
acm.org 参考文章(30)
Antonio Pescapè, Alberto Dainotti, Giorgio Ventre, Wavelet-based Detection of DoS Attacks. global communications conference. ,(2006)
Alexander Tartakovsky, Boris Rozovskii, A novel approach to detection of \denial{of{service" attacks via adaptive sequential and batch{sequential change{point detection methods ,(2001)
Giovanni Vigna, Richard A. Kemmerer, NetSTAT: a network-based intrusion detection system Journal of Computer Security. ,vol. 7, pp. 37- 71 ,(1999) , 10.3233/JCS-1999-7103
Chen-Mou Cheng, H.T. Kung, Koan-Sin Tan, Use of spectral analysis in defense against DoS attacks global communications conference. ,vol. 3, pp. 2143- 2148 ,(2002) , 10.1109/GLOCOM.2002.1189011
M. Lopez-Caniego, F. Argueso, L. Toffolatti, J. L. Sanz, J. Gonzalez-Nuevo, D. Herranz, P. Vielva, The Mexican Hat Wavelet Family. Application to point source detection in cosmic microwave background maps european signal processing conference. pp. 1- 4 ,(2005)
M. López-Caniego, M. López-Caniego, F. Argüeso, L. Toffolatti, J. L. Sanz, J. González-Nuevo, D. Herranz, P. Vielva, The Mexican hat wavelet family : application to point-source detection in cosmic microwave background maps Monthly Notices of the Royal Astronomical Society. ,vol. 369, pp. 1603- 1610 ,(2006) , 10.1111/J.1365-2966.2006.10442.X
R. Sekar, A. Gupta, J. Frullo, T. Shanbhag, A. Tiwari, H. Yang, S. Zhou, Specification-based anomaly detection Proceedings of the 9th ACM conference on Computer and communications security - CCS '02. pp. 265- 274 ,(2002) , 10.1145/586110.586146
Richard Lippmann, Joshua W Haines, David J Fried, Jonathan Korba, Kumar Das, The 1999 DARPA off-line intrusion detection evaluation recent advances in intrusion detection. ,vol. 34, pp. 579- 595 ,(2000) , 10.1016/S1389-1286(00)00139-0
Glenn Carl, Richard R. Brooks, Suresh Rai, Wavelet based Denial-of-Service detection Computers & Security. ,vol. 25, pp. 600- 615 ,(2006) , 10.1016/J.COSE.2006.08.017
E. S. PAGE, CONTINUOUS INSPECTION SCHEMES Biometrika. ,vol. 41, pp. 100- 115 ,(1954) , 10.1093/BIOMET/41.1-2.100