- Αρχική Σελίδα
- →
- Κεντρική Βιβλιοθήκη Ε.Μ.Π.
- →
- Ιδρυματικό Αποθετήριο
- →
- Δημοσιεύσεις μελών Δ.Ε.Π. σε συνέδρια
- →
- Εμφάνιση Τεκμηρίου
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Siaterlis, C | en |
| dc.contributor.author | Maglaris, V | en |
| dc.date.accessioned | 2014-03-01T02:43:27Z | |
| dc.date.available | 2014-03-01T02:43:27Z | |
| dc.date.issued | 2005 | en |
| dc.identifier.issn | 0926227X | en |
| dc.identifier.uri | https://dspace.lib.ntua.gr/xmlui/handle/123456789/31417 | |
| dc.relation.uri | http://www.scopus.com/inward/record.url?eid=2-s2.0-28844473551&partnerID=40&md5=cf441dd83d7f09d2b4590dc6efe4e067 | en |
| dc.relation.uri | http://iospress.metapress.com/openurl.asp?genre=article&issn=0926-227X&volume=13&issue=5&spage=779 | en |
| dc.relation.uri | http://www.informatik.uni-trier.de/~ley/db/journals/jcs/jcs13.html#SiaterlisM05 | en |
| dc.subject | Anomaly detection | en |
| dc.subject | Data fusion | en |
| dc.subject | Denial of Service attacks | en |
| dc.subject | Security | en |
| dc.subject.other | Bandwidth | en |
| dc.subject.other | Computer crime | en |
| dc.subject.other | Expert systems | en |
| dc.subject.other | Neural networks | en |
| dc.subject.other | Security of data | en |
| dc.subject.other | Telecommunication links | en |
| dc.subject.other | Telecommunication traffic | en |
| dc.subject.other | Anomaly detection | en |
| dc.subject.other | Data fusion | en |
| dc.subject.other | DDoS detection | en |
| dc.subject.other | Denial of Service attacks | en |
| dc.subject.other | Sensor data fusion | en |
| dc.title | One step ahead to multisensor data fusion for DDoS detection | en |
| heal.type | conferenceItem | en |
| heal.publicationDate | 2005 | en |
| heal.abstract | This work introduces the use of data fusion in the field of DDoS anomaly detection. We present Dempster-Shafer Theory of Evidence (D-S), the mathematical foundation for the development of a novel DDoS detection engine. Based on a data fusion paradigm, we combine evidence generated from multiple simple metrics to feed our D-S inference engine and detect attacks on a single network element (high bandwidth link). The main advantages of our approach are the modeling power of the Theory of Evidence in expressing beliefs in some hypotheses, its flexibility to handle uncertainty and ignorance and its ability to provide quantitative measurement of the belief and plausibility in our detection results. Furthermore we propose a system that can be trained (supervised learning) with minimum human effort, using in parallel expert knowledge about each metric detection ability. We evaluate our detection engine prototype through an extensive set of experiments on an operational network using real network traffic, with the use of a popular DDoS attack generator. Based on these results we discuss the performance of our D-S scheme in contrast to simple thresholds on single metrics, as well as against an alternative data fusion technique based on an Artificial Neural Network. We conclude that our data fusion is a promising approach that significantly increases the DDoS detection rate (true positives) while keeping the false positive alarm rate low. © 2005 - IOS Press and the authors. All rights reserved. | en |
| heal.journalName | Journal of Computer Security | en |
| dc.identifier.volume | 13 | en |
| dc.identifier.issue | 5 | en |
| dc.identifier.spage | 779 | en |
| dc.identifier.epage | 806 | en |
Αρχεία σε αυτό το τεκμήριο
| Αρχεία | Μέγεθος | Μορφότυπο | Προβολή |
|---|---|---|---|
|
Δεν υπάρχουν αρχεία που σχετίζονται με αυτό το τεκμήριο. |
|||
