nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Self-adaptive System for the Corporate Area Network Resilience in the Presence of Botnet Cyberattacks

verfasst von : Sergii Lysenko, Oleg Savenko, Kira Bobrovnikova, Andrii Kryshchuk

Erschienen in: Computer Networks

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The paper presents a self-adaptive system for the corporate area networks’ resilience in the presence of botnets’ cyberattacks. The resilience is ensured by the adaptive reconfiguration of the network. The reconfiguration of the network is carried out based on security scenarios, adopted on the base of the cluster analysis of gathered Internet traffic features inherent to cyberattacks. In order to choose the needed security scenarios, the proposed method uses a semi-supervised fuzzy c-means clustering. Objects of clustering are feature vectors which elements may indicate the appearance of cyber threats in the corporate area networks. The purpose of the technique is to choose security scenarios according to cyberattacks performed by botnets in order to mitigate the attacks and ensure the network’s resilient functioning.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Security Considerations of Modern Embedded Devices and Networking Equipment

Nächstes Kapitel QoS- and Energy-Aware Services Management of Resources in a Cloud Computing Environment

NEXUSGUARD: DDoS Threat Report 2017 Q3. https://www.nexusguard.com/threat-report-q3-2017

Oxford Dictionaries. http://www.oxforddictionaries.com/definition/english/botnet?q=botnet

SearchDataCenter. Data Center Resiliency. http://searchdatacenter.techtarget.com/definition/resiliency

Giudice, M., Wilkinson, C.: Crowe Horwath: Resilience Going Beyond Security to a New Level of Readiness (2016). https://www.crowehorwath.com/insights/asset/cyber-resilience-readiness-level

Knapp, E.D., Langill, J.T.: Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems, vol. 460. Syngress (2014)

Cheng, B.H.C., et al.: Software engineering for self-adaptive systems: a research roadmap. In: Cheng, B.H.C., de Lemos, R., Giese, H., Inverardi, P., Magee, J. (eds.) Software Engineering for Self-Adaptive Systems. LNCS, vol. 5525, pp. 1–26. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02161-9_1CrossRef

Macías-Escrivá, F.D., Haber, R., Del Toro, R., Hernandez, V.: Self-adaptive systems: a survey of current approaches, research challenges and applications. Exp. Syst. Appl. 40(18), 7267–7279 (2013)CrossRef

Zuzcak, M., Sochor, T.: Behavioral analysis of bot activity in infected systems using honeypots. In: Gaj, P., Kwiecień, A., Sawicki, M. (eds.) CN 2017. CCIS, vol. 718, pp. 118–133. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59767-6_10CrossRef

Sochor, T., Zuzcak, M.: Attractiveness study of honeypots and honeynets in internet threat detection. In: Gaj, P., Kwiecień, A., Stera, P. (eds.) CN 2015. CCIS, vol. 522, pp. 69–81. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-19419-6_7CrossRef

10.

Wang, H., Jia, Q., Fleck, D., Powell, W., Li, F., Stavrou, A.: A moving target DDoS defense mechanism. Comput. Commun. 46, 10–21 (2014)CrossRef

11.

Javadianasl, Y., Manaf, A.A., Zamani, M.: A practical procedure for collecting more volatile information in live investigation of botnet attack. In: Hassanien, A.E., Fouad, M.M., Manaf, A.A., Zamani, M., Ahmad, R., Kacprzyk, J. (eds.) Multimedia Forensics and Security. ISRL, vol. 115, pp. 381–414. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-44270-9_17CrossRef

12.

Khattak, S., Ramay, N.R., Khan, K.R., Syed, A.A., Khayam, S.A.: A taxonomy of botnet behavior, detection, and defense. IEEE Commun. Surv. Tutorials 16(2), 898–924 (2014)CrossRef

13.

Wang, P., Wu, L., Aslam, B., Zou, C.C.: Analysis of Peer-to-Peer botnet attacks and defenses. In: Król, D., Fay, D., Gabryś, B. (eds.) Propagation Phenomena in Real World Networks. ISRL, vol. 85, pp. 183–214. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-15916-4_8CrossRef

14.

Bhuyan, M.H., Bhattacharyya, D.K., Kalita, J.K.: An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection. Pattern Recognit. Lett. 51, 1–7 (2015)CrossRef

15.

Hoque, N., Bhuyan, M.H., Baishya, R.C., Bhattacharyya, D.K., Kalita, J.K.: Network attacks: taxonomy, tools and systems. J. Netw. Comput. Appl. 40, 307–324 (2014)CrossRef

16.

Wang, B., Zheng, Y., Lou, W., Hou, Y.T.: DDoS attack protection in the era of cloud computing and software-defined networking. Comput. Netw. 81, 308–319 (2015)CrossRef

17.

Pathan, A.S.K. (ed.): Security of Self-organizing Networks: MANET, WSN, WMN, VANET, vol. 638. CRC Press, Boca Raton (2016)

18.

Branitskiy, A., Kotenko, I.: Network attack detection based on combination of neural, immune and neuro-fuzzy classifiers. In: 2015 IEEE 18th International Conference on Computational Science and Engineering (CSE), pp. 152–159 (2015)

19.

Komar, M., Sachenko, A., Bezobrazov, S., Golovko, V.: Intelligent cyber defense system using artificial neural network and immune system techniques. In: Ginige, A., et al. (eds.) Information and Communication Technologies in Education, Research, and Industrial Applications, ICTERI 2016. CCIS, vol. 783, pp. 36–55. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69965-3_3CrossRef

20.

Bezobrazov, S., Sachenko, A., Komar, M., Rubanau, V.: The methods of artificial intelligence for malicious applications detection in Android OS. Int. J. Comput. 15(3), 184–190 (2016)

21.

Lysenko, S., Savenko, O., Kryshchuk, A., Kljots, Y.: Botnet detection technique for corporate area network. In: Proceedings of the 2013 IEEE 7th International Conference on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS), pp. 363–368 (2013)

22.

Pomorova, O., Savenko, O., Lysenko, S., Kryshchuk, A.: Multi-agent based approach for botnet detection in a corporate area network using fuzzy logic. In: Kwiecień, A., Gaj, P., Stera, P. (eds.) CN 2013. CCIS, vol. 370, pp. 146–156. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38865-1_16CrossRef

23.

Pomorova, O., Savenko, O., Lysenko, S., Kryshchuk, A., Bobrovnikova, K.: Anti-evasion technique for the botnets detection based on the passive DNS monitoring and active DNS probing. In: Gaj, P., Kwiecień, A., Stera, P. (eds.) CN 2016. CCIS, vol. 608, pp. 83–95. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39207-3_8CrossRef

24.

Lysenko, S., Savenko, O., Bobrovnikova, K., Kryshchuk, A., Savenko, B.: Information technology for botnets detection based on their behaviour in the corporate area network. In: Gaj, P., Kwiecień, A., Sawicki, M. (eds.) CN 2017. CCIS, vol. 718, pp. 166–181. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59767-6_14CrossRef

25.

IMPERVA INCAPSULA. https://www.incapsula.com/ddos/attack-glossary

26.

Najafabadi, M.M., Khoshgoftaar, T.M., Napolitano, A., Wheelus, C.: RUDY Attack: detection at the network level and its important features. In: FLAIRS Conference, pp. 288–293 (2016)

27.

Alejandre, F.V., Cortés, N.C., Anaya, E.A.: Botnet detection using clustering algorithms. Res. Comput. Sci. 118, 65–75 (2016)

28.

Pedrycz, W., Waletzky, J.: Fuzzy clustering with partial supervision. IEEE Trans. Syst. Man Cybernet. Part B (Cybernet.) 27(5), 787–795 (1997)CrossRef

29.

VIRUS BULLETIN. Grooten, M.: VB2017 Videos on Attacks Against Ukraine. https://www.virusbulletin.com/blog/2017/12/vb2017-videos-attacks-against-ukraine/

30.

SOURCE FORGE: R-U-Dead-Yet? (RUDY) Original Source Code Files. https://sourceforge.net/projects/r-u-dead-yet/

31.

SOURCE FORGE: Hyenae. https://sourceforge.net/projects/hyenae/

32.

dSniff. https://www.monkey.org/~dugsong/dsniff

33.

Linkov, I., Palma-Oliveira, J.M. (eds.): Resilience and Risk: Methods and Application in Environment, Cyber and Social Domains, vol. 580. Springer, Dordrecht (2017). https://doi.org/10.1007/978-94-024-1123-2CrossRef

Titel: Self-adaptive System for the Corporate Area Network Resilience in the Presence of Botnet Cyberattacks
verfasst von: Sergii Lysenko
Oleg Savenko
Kira Bobrovnikova
Andrii Kryshchuk
Verlag: Springer International Publishing
Buch: Computer Networks
Print ISBN: 978-3-319-92458-8

Electronic ISBN: 978-3-319-92459-5

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-319-92459-5_31

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"