KSII Transactions on Internet and Information Systems (TIIS)

  • 제2권3호
  • /
  • Pages.135-149
  • /
  • 2008
  • /
  • 1976-7277(pISSN)
  • /
  • 1976-7277(eISSN)
한국인터넷정보학회 (Korean Society for Internet Information)
권호 표지
DOI QR코드

DOI QR Code

Fast Detection of Distributed Global Scale Network Attack Symptoms and Patterns in High-speed Backbone Networks

  • Kim, Sun-Ho (Graduate School of Information and Communications, Ajou University) ;
  • Roh, Byeong-Hee (Graduate School of Information and Communications, Ajou University)
  • 발행 : 2008.07.25
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Traditional attack detection schemes based on packets or flows have very high computational complexity. And, network based anomaly detection schemes can reduce the complexity, but they have a limitation to figure out the pattern of the distributed global scale network attack. In this paper, we propose an efficient and fast method for detecting distributed global-scale network attack symptoms in high-speed backbone networks. The proposed method is implemented at the aggregate traffic level. So, our proposed scheme has much lower computational complexity, and is implemented in very high-speed backbone networks. In addition, the proposed method can detect attack patterns, such as attacks in which the target is a certain host or the backbone infrastructure itself, via collaboration of edge routers on the backbone network. The effectiveness of the proposed method are demonstrated via simulation.

키워드

피인용 문헌

  1. Detection of SIP Flooding Attacks based on the Upper Bound of the Possible Number of SIP Messages vol.3, pp.5, 2008, https://doi.org/10.3837/tiis.2009.05.006
  2. A Fair Transmission Opportunity by Detecting and Punishing the Malicious Wireless Stations in IEEE 802.11e EDCA Network vol.5, pp.4, 2008, https://doi.org/10.1109/jsyst.2011.2165598