Lightweight detection of DoS attacks

Denial of Service (DoS) attacks have continued to evolve and impact availability of the Internet infrastructure. Many researchers in the field of network security and system survivability have been developing mechanisms to detect DoS attacks. By doing so they hope to maximize accurate detections (tr...

Bibliographic Details
Main Authors: Sirikarn Pukkawanna, Vasaka Visoottiviseth, Panita Pongpaibool
Other Authors: Mahidol University
Format: Conference or Workshop Item
Published: 2018
Subjects: Computer Science; Social Sciences
Online Access: https://repository.li.mahidol.ac.th/handle/123456789/24386
Institution: Mahidol University
id th-mahidol.24386
record_format dspace
spelling th-mahidol.24386 2018-08-24T09:17:38Z
Title: Lightweight detection of DoS attacks
Authors: Sirikarn Pukkawanna; Vasaka Visoottiviseth; Panita Pongpaibool
Affiliations: Mahidol University; Thailand National Electronics and Computer Technology Center
Subjects: Computer Science; Social Sciences
Dates: 2018-08-24T01:48:03Z; 2018-08-24T01:48:03Z; 2007-12-01
Type: Conference Paper
Source: ICON 2007 - Proceedings of the 2007 15th IEEE International Conference on Networks. (2007), 77-82
DOI: 10.1109/ICON.2007.4444065
Scopus EID: 2-s2.0-48149114703
https://repository.li.mahidol.ac.th/handle/123456789/24386
Mahidol University
SCOPUS
https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=48149114703&origin=inward
institution Mahidol University
building Mahidol University Library
continent Asia
country Thailand
content_provider Mahidol University Library
collection Mahidol University Institutional Repository
topic Computer Science
Social Sciences
description Denial of Service (DoS) attacks have continued to evolve and impact availability of the Internet infrastructure. Many researchers in the field of network security and system survivability have been developing mechanisms to detect DoS attacks. By doing so they hope to maximize accurate detections (true-positive) and minimize non-justified detections (false-positive). This research proposes a lightweight method to identify DoS attacks by analyzing host behaviors. Our method is based on the concept of BLINd Classification or BLINC: no access to packet payload, no knowledge of port numbers, and no additional information other than what current flow collectors provide. Rather than using pre-defined signatures or rules as in typical Intrusion Detection Systems, BLINC maps flows into graphlets of each attack pattern. In this work we create three types of graphlets for the following DoS attack patterns: SYN flood, ICMP flood, and host scan. Results show that our method can identify all occurrences and all hosts associated with attack activities, with a low percentage of false positive. © 2007 IEEE.