Filtration Model for the Detection of Malicious Traffic in Large-Scale Networks
This study proposes a capable, scalable, and reliable edge-to-edge model for filtering malicious traffic through real-time monitoring of the impact of user behavior on quality of service (QoS) regulations. The model investigates user traffic, including that injected through distributed gateways and...
Saved in:
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Elsevier
2015
|
Subjects: | |
Online Access: | http://umpir.ump.edu.my/id/eprint/12716/1/Filtration%20Model%20for%20the%20Detection%20Of%20Malicious%20Traffic%20In%20Large-Scale%20Networks.pdf http://umpir.ump.edu.my/id/eprint/12716/ http://dx.doi.org/10.1016/j.comcom.2015.10.012 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Malaysia Pahang |
Language: | English |
id |
my.ump.umpir.12716 |
---|---|
record_format |
eprints |
spelling |
my.ump.umpir.127162018-05-16T07:53:20Z http://umpir.ump.edu.my/id/eprint/12716/ Filtration Model for the Detection of Malicious Traffic in Large-Scale Networks Ahmed, Abdulghani Ali Aman, Jantan Wan, Tat-Chee QA75 Electronic computers. Computer science This study proposes a capable, scalable, and reliable edge-to-edge model for filtering malicious traffic through real-time monitoring of the impact of user behavior on quality of service (QoS) regulations. The model investigates user traffic, including that injected through distributed gateways and that destined to gateways that are experiencing actual attacks. Misbehaving traffic filtration is triggered only when the network is congested, at which point burst gateways generate an explicit congestion notification (ECN) to misbehaving users. To investigate the behavior of misbehaving user traffic, packet delay variation (PDV) ratios are actively estimated and packet transfer rates are passively measured at a unit time. Users who exceed the PDV bit rates specified in their service level agreements (SLAs) are filtered as suspicious users. In addition, suspicious users who exceed the SLA bandwidth bit rates are filtered as network intruders. Simulation results demonstrate that the proposed model efficiently filters network traffic and precisely detects malicious traffic Elsevier 2015 Article PeerReviewed application/pdf en http://umpir.ump.edu.my/id/eprint/12716/1/Filtration%20Model%20for%20the%20Detection%20Of%20Malicious%20Traffic%20In%20Large-Scale%20Networks.pdf Ahmed, Abdulghani Ali and Aman, Jantan and Wan, Tat-Chee (2015) Filtration Model for the Detection of Malicious Traffic in Large-Scale Networks. Computer Communications. ISSN 0140-3664 (In Press) http://dx.doi.org/10.1016/j.comcom.2015.10.012 DOI: 10.1016/j.comcom.2015.10.012 |
institution |
Universiti Malaysia Pahang |
building |
UMP Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Malaysia Pahang |
content_source |
UMP Institutional Repository |
url_provider |
http://umpir.ump.edu.my/ |
language |
English |
topic |
QA75 Electronic computers. Computer science |
spellingShingle |
QA75 Electronic computers. Computer science Ahmed, Abdulghani Ali Aman, Jantan Wan, Tat-Chee Filtration Model for the Detection of Malicious Traffic in Large-Scale Networks |
description |
This study proposes a capable, scalable, and reliable edge-to-edge model for filtering malicious traffic through real-time monitoring of the impact of user behavior on quality of service (QoS) regulations. The model investigates user traffic, including that injected through distributed gateways and that destined to gateways that are experiencing actual attacks. Misbehaving traffic filtration is triggered only when the network is congested, at which point burst gateways generate an explicit congestion notification (ECN) to misbehaving users. To investigate the behavior of misbehaving user traffic, packet delay variation (PDV) ratios are actively estimated and packet transfer rates are passively measured at a unit time. Users who exceed the PDV bit rates specified in their service level agreements (SLAs) are filtered as suspicious users. In addition, suspicious users who exceed the SLA bandwidth bit rates are filtered as network intruders. Simulation results demonstrate that the proposed model efficiently filters network traffic and precisely detects malicious traffic |
format |
Article |
author |
Ahmed, Abdulghani Ali Aman, Jantan Wan, Tat-Chee |
author_facet |
Ahmed, Abdulghani Ali Aman, Jantan Wan, Tat-Chee |
author_sort |
Ahmed, Abdulghani Ali |
title |
Filtration Model for the Detection of Malicious Traffic in Large-Scale Networks |
title_short |
Filtration Model for the Detection of Malicious Traffic in Large-Scale Networks |
title_full |
Filtration Model for the Detection of Malicious Traffic in Large-Scale Networks |
title_fullStr |
Filtration Model for the Detection of Malicious Traffic in Large-Scale Networks |
title_full_unstemmed |
Filtration Model for the Detection of Malicious Traffic in Large-Scale Networks |
title_sort |
filtration model for the detection of malicious traffic in large-scale networks |
publisher |
Elsevier |
publishDate |
2015 |
url |
http://umpir.ump.edu.my/id/eprint/12716/1/Filtration%20Model%20for%20the%20Detection%20Of%20Malicious%20Traffic%20In%20Large-Scale%20Networks.pdf http://umpir.ump.edu.my/id/eprint/12716/ http://dx.doi.org/10.1016/j.comcom.2015.10.012 |
_version_ |
1643666975831883776 |