LD<sup>2</sup>: A system for lightweight detection of denial-of-service attacks
This paper proposes a system for lightweight detection of DoS attacks, called LD2. Our system detects attack activities by observing flow behaviors and matching them with graphlets for each attack type. The proposed system is lightweight because it does not analyze packet content nor packet statisti...
محفوظ في:
| المؤلفون الرئيسيون: | , , |
|---|---|
| مؤلفون آخرون: | |
| التنسيق: | Conference or Workshop Item |
| منشور في: |
2018
|
| الموضوعات: | |
| الوصول للمادة أونلاين: | https://repository.li.mahidol.ac.th/handle/123456789/19198 |
| الوسوم: |
إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| المؤسسة: | Mahidol University |
| الملخص: | This paper proposes a system for lightweight detection of DoS attacks, called LD2. Our system detects attack activities by observing flow behaviors and matching them with graphlets for each attack type. The proposed system is lightweight because it does not analyze packet content nor packet statistics. We benchmark performance of LD2, in terms of detection accuracy and complexity against Snort, a popular open-source IDS software. Our evaluations focus on six types of DoS attacks, namely SYN flood, UDP flood, ICMP flood, Smurf, port scan, and host scan. Results show that LD2 can accurately identify all occurrences and all hosts associated with attack activities. Although LD2 uses higher CPU cycles than Snort, it consumes much less memory than Snort. ©2008 IEEE. |
|---|