On the Collaborative Inference of DDoS: An Information-theoretic Distributed Approach

Authors: Ouerfelli Fatima Ezzahra, Barbaria Khaled, Elias Bou-Harb, Claude Fachkha, Belhassen Zouari

DOI: 10.1109/IWCMC.2018.8450465

Abstract: Literature contributions have shown that information-theoretic techniques can effectively detect various types of Distributed Denial of Service (DDoS) attacks. However, such techniques are often centralized with a limited measurement vantage point and suffer from the issue of a single point of failure. Furthermore, flourishing distributed cloud-based environments ought to adapt settings for scalability and performance reasons. In this paper, we address the problem of collaborative DDoS detection using information-theoretic techniques. To this end, we propose an entropy-based mechanism that supports agreement to identify suitable tuning of network parameters for inference in real-time. Empirical evaluations on real attacks demonstrate that the proposed approach is indeed capable of cooperatively inferring such attacks while achieving resiliency and scalability.
