Denial-of-service attack-detection techniques

Cited by: 234
Authors
Carl, G [1]
Kesidis, G
Brooks, RR
Rai, S
Affiliations
[1] Penn State Univ, University Pk, PA 16802 USA
[2] Clemson Univ, Holcombe Dept Elect & Comp Engn, Clemson, SC 29631 USA
[3] Louisiana State Univ, Dept Elect & Elect Engn, Baton Rouge, LA 70803 USA
Funding
National Science Foundation (USA);
Keywords
DOI
10.1109/MIC.2006.5
Chinese Library Classification number
TP31 [Computer software];
Discipline classification code
081202 ; 0835 ;
Abstract
Denial-of-service (DoS) detection techniques - such as activity profiling, change-point detection, and wavelet-based signal analysis - face the considerable challenge of discriminating network-based flooding attacks from sudden increases in legitimate activity or flash events. This survey of techniques and testing results provides insight into our ability to successfully identify DoS flooding attacks. Although each detector shows promise in limited testing, none completely solves the detection problem. Combining various approaches with experienced network operators will most likely produce the best results.
Pages: 82 / 89
Page count: 8