Cambiaso et al., 2020 - Google Patents
Detection and classification of slow DoS attacks targeting network servers
Cambiaso et al., 2020
- Document ID
- 11810669009254091365
- Author
- Cambiaso E
- Aiello M
- Mongelli M
- Vaccari I
- Publication year
- Publication venue
- Proceedings of the 15th International Conference on Availability, Reliability and Security
Snippet
Low-rate denial of service attacks are considered a serious threat for network systems. In this paper, we investigate such topic, by proposing a novel anomaly-based intrusion detection system. We validate the proposed system and report the weaknesses we have …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11032314B2 (en) | | Triggering targeted scanning to detect rats and other malware |
| Tripathi et al. | | How secure are web servers? An empirical study of slow HTTP DoS attacks and detection |
| Jeya et al. | | Efficient classifier for R2L and U2R attacks |
| Cambiaso et al. | | Slowcomm: Design, development and performance evaluation of a new slow DoS attack |
| Aiello et al. | | An on-line intrusion detection approach to identify low-rate DoS attacks |
| Kemp et al. | | Utilizing netflow data to detect slow read attacks |
| Cambiaso et al. | | Detection and classification of slow DoS attacks targeting network servers |
| Bhatt et al. | | HADS: Hybrid anomaly detection system for IoT environments |
| Varalakshmi et al. | | Thwarting DDoS attacks in grid using information divergence |
| Mongelli et al. | | Detection of DoS attacks through Fourier transform and mutual information |
| Aiello et al. | | Profiling DNS tunneling attacks with PCA and mutual information |
| US12113821B2 (en) | | Computer networking with security features |
| Fei et al. | | The abnormal detection for network traffic of power iot based on device portrait |
| Karnani et al. | | A comprehensive survey on low-rate and high-rate DDoS defense approaches in SDN: taxonomy, research challenges, and opportunities |
| Frye et al. | | An ontology-based system to identify complex network attacks |
| Sulaiman et al. | | Investigation of the impact of DDoS attack on network efficiency of the University of Zakho |
| Fidele et al. | | Denial of Service (DoS) attack identification and analyse using sniffing technique in the network environment |
| Sanlı | | Detection and mitigation of denial of service attacks in internet of things networks |
| Li et al. | | A general framework of trojan communication detection based on network traces |
| Rajakumaran et al. | | Early detection of LDoS attack using SNMP MIBs |
| Li et al. | | Towards real-time ML-based DDoS detection via cost-efficient window-based feature extraction |
| Rai et al. | | Intrusion detection systems: A review |
| Khosroshahi et al. | | Detection of sources being used in ddos attacks |
| Talukdar et al. | | Slowloris Attack Detection Using Adaptive Timeout-Based Approach |
| Abudalfa et al. | | Evaluating performance of supervised learning techniques for developing real-time intrusion detection system |