Publication: Lightweight detection of DoS attacks
| dc.contributor.author | Sirikarn Pukkawanna | en_US |
| dc.contributor.author | Vasaka Visoottiviseth | en_US |
| dc.contributor.author | Panita Pongpaibool | en_US |
| dc.contributor.other | Mahidol University | en_US |
| dc.contributor.other | Thailand National Electronics and Computer Technology Center | en_US |
| dc.date.accessioned | 2018-08-24T01:48:03Z | |
| dc.date.available | 2018-08-24T01:48:03Z | |
| dc.date.issued | 2007-12-01 | en_US |
| dc.description.abstract | Denial of Service (DoS) attacks have continued to evolve and impact availability of the Internet infrastructure. Many researchers in the field of network security and system survivability have been developing mechanisms to detect DoS attacks. By doing so they hope to maximize accurate detections (true-positive) and minimize non-justified detections (false-positive). This research proposes a lightweight method to identify DoS attacks by analyzing host behaviors. Our method is based on the concept of BLINd Classification or BLINC: no access to packet payload, no knowledge of port numbers, and no additional information other than what current flow collectors provide. Rather than using pre-defined signatures or rules as in typical Intrusion Detection Systems, BLINC maps flows into graphlets of each attack pattern. In this work we create three types of graphlets for the following DoS attack patterns: SYN flood, ICMP flood, and host scan. Results show that our method can identify all occurrences and all hosts associated with attack activities, with a low percentage of false positive. © 2007 IEEE. | en_US |
| dc.identifier.citation | ICON 2007 - Proceedings of the 2007 15th IEEE International Conference on Networks. (2007), 77-82 | en_US |
| dc.identifier.doi | 10.1109/ICON.2007.4444065 | en_US |
| dc.identifier.other | 2-s2.0-48149114703 | en_US |
| dc.identifier.uri | https://repository.li.mahidol.ac.th/handle/20.500.14594/24386 | |
| dc.rights | Mahidol University | en_US |
| dc.rights.holder | SCOPUS | en_US |
| dc.source.uri | https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=48149114703&origin=inward | en_US |
| dc.subject | Computer Science | en_US |
| dc.subject | Social Sciences | en_US |
| dc.title | Lightweight detection of DoS attacks | en_US |
| dc.type | Conference Paper | en_US |
| dspace.entity.type | Publication | |
| mu.datasource.scopus | https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=48149114703&origin=inward | en_US |