nach oben

Soft Computing

Erschienen in:

18.01.2016 | Methodologies and Application

A protocol-free detection against cloud oriented reflection DoS attacks

verfasst von: Le Xiao, Wei Wei, Weidong Yang, Yulong Shen, Xianglin Wu

Erschienen in: Soft Computing | Ausgabe 13/2017

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Distributed denial of service (DDoS) attack presents a critical threat to cloud infrastructure, where many manipulated hosts flood the victim cloud with plenty of packets, which will lead to the exhaustion of bandwidth and other system resources. As one type of DDoS attack, in reflection DoS (RDoS) attack, legitimate servers (reflectors) are fooled into sending a large number of packets to the victim cloud. Most of the existed RDoS attack detection mechanisms are protocol-specific, thus low in efficiency. It is inspected that because of being triggered by the same attacking flow, intra-unite correlation exists among the packet rate of attacking flows. Based on the phenomenon, a flow correlation coefficient (FCC)-based protocol-free detection (PFD) algorithm is proposed. The simulation results show that PFD can detect attacking flows efficiently and effectively and is not protocol-specific, thus can be used as effective supplement to existed algorithms.

Vorheriger Artikel Rough set methods in feature selection via submodular function

Nächster Artikel Fuzzy -tolerance competition graphs

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

CHKP (2010) Stateful inspection technology (the industry standard for enterprise class network security solutions). http://www.checkpoint.com/products/downloads/Stateful _Inspection

Crovella M, Bestavros A (1997) Self-similarity in world wide web traffic: Evidence and possible causes. IEEE/ACM Trans Netw. 5(6):835–846CrossRef

Drakos RN (2002) Application-level reflection attacks. http://www.lemuria.org/security/application-drdos.html

Ferguson P (2000) rfc2827:network ingress filtering: defeating denial of service attacks which employ ip source address spoofing

Ficco M, Palmieri F (2015) Introducing fraudulent energy consumption in cloud infrastructures: a new generation of denial-of-service attacks. IEEE Syst J 99:1–11

Jung J, Krishnamurthy B, Rabinovich M (2002) Flash crowds and denial of service attacks: characterization and implications for cdns and web sites. In: Proc. 11th Intl Conf. World Wide Web (WWW), pp 252–262

Kandula S, Katabi D, Jacob M, Berger A (2005) Botz-4-sale: surviving organized ddos attacks that mimic flash crowds. In: Proceedings of the 2nd conference on Symposium on Networked Systems Design, vol 2, pp 287–300

Liu Y, Wei W (2015) A replication-based mechanism for fault tolerance in mapreduce framework. Math Probl Eng 2015(1):1–7. http://www.hindawi.com/journals/mpe/2015/408921/

Oikonomou G, Mirkovic J (2009) Modeling human behavior for defense against flash-crowd attacks. In: Proc. IEEE Intl Conf. Comm

Palmieri F, Ricciardi S, Fiore U (2011) Evaluating network-based dos attacks under the energy consumption perspective: new security issues in the coming green ICT area. International Conference on Broadband. Wireless Computing, Communication and Applications (BWCCA), pp 374–379

Palmieri F, Ficco M, Castiglione A (2014a) Adaptive stealth energy-related dos attacks against cloud data centers. In: International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp 265–272

Palmieri F, Fiore U, Castiglione A (2014b) A distributed approach to network anomaly detection based on independent component analysis. Concurr Comput Pract Exp 26(5):1113–1129CrossRef

Palmieri F, Ricciardi S, Fiore U, Ficco M, Castiglione A (2015) Energy-oriented denial of service attacks: an emerging menace for large cloud infrastructures. J Supercomput 71(5):1620–1641CrossRef

Paxson V (2001) An analysis of using reflectors for distributed denial-of-service attacks. ACM SIGCOMM Comput Commun Rev 31(3):38–47CrossRef

Paxson V, Floyd S (1995) Wide area traffic: the failure of poisson modeling. IEEE/ACM Trans Netw 3(3):226–244CrossRef

Rooj G (2011) Real stateful tcp packet filtering in ip filter. In: 10th USENIX Security Symposium

Scherrer A, Larrieu N, Owezarski P, Borgnat P, Abry P (2007) Non-gaussian and long memory statistical characterizations for internet traffic with anomalies. IEEE Trans Dependable Secure Comput 4(1):56–70CrossRef

Tsunoda H, Ohta K, Yamamoto A, Ansari N, Waizumi Y, Nemoto Y (2008) Detecting drdos attacks by a simple response packet confirmation mechanism. Comput Commun 31(14):3299–3306CrossRef

Wei W, Chen F, Xia Y, Jin G (2013) A rank correlation based detection against distributed reflection dos attacks. IEEE Commun Lett 17(1):173–175CrossRef

Wei W, Liu Y, Zhang Y (2014a) TRLMS: two-stage resource scheduling algorithm for cloud based live media streaming system. IEICE Trans Inf Syst 97-D(7):1731–1734

Wei W, Zhang Y, Liu Y (2014b) A time-efficient solution to the general resource placement problem in cloud. Math Prob Eng 2014(1):1–10. http://www.hindawi.com/journals/mpe/2014/760458/

Xie Y, Yu S (2009a) A large-scale hidden semi-markov model for anomaly detection on user browsing behaviors. IEEE/ACM Trans Netw 17(1):54–56CrossRef

Xie Y, Yu S (2009b) Monitoring the application-layer ddos attacks for popular websites. IEEE/ACM Trans Netw 17(1):15–25CrossRef

Yu S, Zhou W, Doss R (2008) Information theory based detection against network behavior mimicking ddos attacks. IEEE Commun Lett 12(4):319–321

Yu S, Zhou W, Jia W, Guo S, Xiang Y, Tang F (2013) Discriminating ddos attacks from flash crowds using flow correlation coffcient. IEEE Trans Parallel Distribut Syst 23(6):1073–1080CrossRef

Titel: A protocol-free detection against cloud oriented reflection DoS attacks
verfasst von: Le Xiao
Wei Wei
Weidong Yang
Yulong Shen
Xianglin Wu
Publikationsdatum: 18.01.2016
Verlag: Springer Berlin Heidelberg
Erschienen in: Soft Computing / Ausgabe 13/2017
Print ISSN: 1432-7643
Elektronische ISSN: 1433-7479
DOI: https://doi.org/10.1007/s00500-015-2025-6

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 13/2017

F-transform-based shooting method for nonlinear boundary value problems

A new representation for inverse fuzzy transform and its application

Fuzzy $$\phi $$ ϕ -tolerance competition graphs

Supervised and semi-supervised classifiers for the detection of flood-prone areas

Editorial

Self-adaptive differential evolution with global neighborhood search