HEAL DSpace

Detecting DDoS attacks with passive measurement based heuristics

Αποθετήριο DSpace/Manakin

Εμφάνιση απλής εγγραφής

dc.contributor.author Siaterlis, C en
dc.contributor.author Maglaris, B en
dc.date.accessioned 2014-03-01T02:42:34Z
dc.date.available 2014-03-01T02:42:34Z
dc.date.issued 2004 en
dc.identifier.issn 15301346 en
dc.identifier.uri https://dspace.lib.ntua.gr/xmlui/handle/123456789/31050
dc.subject ddos attack en
dc.subject Distributed Denial of Service en
dc.subject Passive Measurement en
dc.subject Production Network en
dc.subject.other Algorithms en
dc.subject.other Bandwidth en
dc.subject.other Data reduction en
dc.subject.other Heuristic methods en
dc.subject.other Parameter estimation en
dc.subject.other Spamming en
dc.subject.other Detection algorithms en
dc.subject.other Distributed denial of service (DDoS) en
dc.subject.other Heuristics en
dc.subject.other Network traffic en
dc.subject.other Telecommunication traffic en
dc.title Detecting DDoS attacks with passive measurement based heuristics en
heal.type conferenceItem en
heal.identifier.primary 10.1109/ISCC.2004.1358427 en
heal.identifier.secondary http://dx.doi.org/10.1109/ISCC.2004.1358427 en
heal.publicationDate 2004 en
heal.abstract Network traffic anomalies such as Distributed Denial of Service attacks or the propagation of a new worm are hard to detect on non-congested ISP backbone links. The research community hasn't managed to offer reliable detection metrics that can be implemented with the current technology constraints to network administrators yet. In this work we explore and evaluate the effectiveness of several potential heuristics in detecting flooding attacks. Our observations are based on a daily network traffic analysis for a period longer than 3 months and on more than 40 experiments that were conducted with the use of common DDoS tools in the production network of an academic ISP. The data analyzed are based on different types of passive measurements that are available today to ISP's. We identify multiple effective detection metrics that could give network administrators insight to malicious activities passing through their networks. en
heal.journalName Proceedings - International Symposium on Computers and Communications en
dc.identifier.doi 10.1109/ISCC.2004.1358427 en
dc.identifier.volume 1 en
dc.identifier.spage 339 en
dc.identifier.epage 344 en


Αρχεία σε αυτό το τεκμήριο

Αρχεία Μέγεθος Μορφότυπο Προβολή

Δεν υπάρχουν αρχεία που σχετίζονται με αυτό το τεκμήριο.

Αυτό το τεκμήριο εμφανίζεται στην ακόλουθη συλλογή(ές)

Εμφάνιση απλής εγγραφής