Group Testing Based Detection of Web Service DDoS Attackers
スポンサーリンク
概要
- 論文の詳細を見る
The Distributed Denial of Service attack (DDoS) is one of the major threats to network security that exhausts network bandwidth and resources. Recently, an efficient approach Live Baiting was proposed for detecting the identities of DDoS attackers in web service using low state overhead without requiring either the models of legitimate requests nor anomalous behavior. However, Live Baiting has two limitations. First, the detection algorithm adopted in Live Baiting starts with a suspects list containing all clients, which leads to a high false positive probability especially for large web service with a huge number of clients. Second, Live Baiting adopts a fixed threshold based on the expected number of requests in each bucket during the detection interval without the consideration of daily and weekly traffic variations. In order to address the above limitations, we first distinguish the clients activities (Active and Non-Active clients during the detection interval) in the detection process and then further propose a new adaptive threshold based on the Change Point Detection method, such that we can improve the false positive probability and avoid the dependence of detection on sites and access patterns. Extensive trace-driven simulation has been conducted on real Web trace to demonstrate the detection efficiency of the proposed scheme in comparison with the Live Baiting detection scheme.
- (社)電子情報通信学会の論文
- 2010-05-01
著者
-
Jiang Xiaohong
Graduate School of Information Sciences, Tohoku University
-
Kameyama Michitaka
Graduate School of Information Sciences, Tohoku University
-
Jiang Xiaohong
Graduate School Of Information Science Tohoku University
-
Jiang Xiaohong
Graduate School Of Information Science Japan Advanced Institute Of Science And Technology Jaist
-
NASHAT Dalia
Graduate School of Information Science, Tohoku University
-
Nashat Dalia
Graduate School Of Information Science Tohoku University
-
Kameyama Michitaka
Graduate School Of Information Science Tohoku University
-
Michitaka Kameyama
Graduate School Of Information Sciences Tohoku University
-
Dalia NASHAT
Graduate School of Information Science, Tohoku University
関連論文
- Efficient Network Coding-Based Loss Recovery for Reliable Multicast in Wireless Networks
- Network coding-based reliable multicast scheme in wireless networks (無線通信システム)
- A More Efficient COPE Architecture for Network Coding in Multihop Wireless Networks
- A Nonblocking Optical Switching Network for Crosstalk-Free Permutation(Switching)
- A Nonblocking Optical Switching Network for Crosstalk-Free Permutation
- Crosstalk-Free Permutation in Photonic Rearrangeable Networks Built on a Combination of Horizontal Expansion and Vertical Stacking of Banyan Networks(Special Issue on Parallel and Distributed Computing, Applications and technologies)
- Adaptive Group-Based Job Scheduling for High Performance and Reliable Volunteer Computing
- Dynamic RWA Based on the Combination of Mobile Agents Technique and Genetic Algorithms in WDM Networks with Sparse Wavelength Conversion(Software Agent and Its Applications)
- Design and Evaluation of Fine-Grain Field-Programmable VLSI Based on Multiple-Valued Source-Coupled Logic
- FPGA Implementation of a Stereo Matching Processor Based on Window-Parallel-and-Pixel-Parallel Architecture(VLSI Architecture, VLSI Design and CAD Algorithms)
- Architecture of a Stereo Matching VLSI Processor Based on Hierarchically Parallel Memory Access(Digital Circuits and Computer Arithmetic, Recent Advances in Circuits and Systems-Part 1)
- C-12-8 Design of a Very Compact Cell for a Multiple-Valued Fine-Grain Reconfigurable VLSI
- Robust Node Positioning in Wireless Sensor Networks
- Group Testing Based Detection of Web Service DDoS Attackers
- Self-Routing Nonblocking WDM Switches Based on Arrayed Waveguide Grating
- Routing Algorithms for Packet/Circuit Switching in Optical Multi-log_2N Networks
- Hybrid Packet-Pheromone-Based Probabilistic Routing for Mobile Ad Hoc Networks
- Fair Scheduling for Delay-Sensitive VoIP Traffic
- Efficient Network Coding-Based Loss Recovery for Reliable Multicast in Wireless Networks
- A More Efficient COPE Architecture for Network Coding in Multihop Wireless Networks
- Breakage prediction-based route maintenance in ad hoc networks (インターネットアーキテクチャ)
- A Multi-Context FPGA Using Floating-Gate-MOS Functional Pass-Gates(Novel Device Architectures and System Integration Technologies)
- Architecture of a Fine-Grain Field-Programmable VLSI Based on Multiple-Valued Source-Coupled Logic(New System Paradigms for Integrated Electronics)
- Design of Highly Parallel Linear Digital System for ULSI Processors (Special Issue on New Architecture LSIs)
- Code Assignment Algorithm for Highly Parallel Multiple-Valued Combinational Circuits Based on Partition Theory (Special Issue on Multiple-Valued Logic)
- Advanced VLSI Architecture for Intelligent Integrated Systems(Plenary Session,AWAD2006)
- Advanced VLSI Architecture for Intelligent Integrated Systems(Plenary Session,AWAD2006)
- Design of a Trinocular-Stereo-Vision VLSI Processor Based on Optimal Scheduling
- Minimizing Energy Consumption Based on Dual-Supply-Voltage Assignment and Interconnection Simplification(Novel Device Architectures and System Integration Technologies)
- Low-Power Field-Programmable VLSI Using Multiple Supply Voltages(Low Power Methodology, VLSI Design and CAD Algorithms)
- C-12-4 Low Power Field Programmable VLSI Processor Using Multiple Supply Voltages
- Field-Programmable VLSI Based on a Bit-Serial Fine-Grain Architecture(New System Paradigms for Integrated Electronics)
- Architecture of a high-performance stereo vision VLSI processor
- A VLSI-Oriented Model-Based Robot Vision Processor for 3-D Instrumentation and Object Recognition (Special Issue on Super Chip for Intelligent Integrated Systems)
- Generalized Hough Transform VLSI Processor for Model-Based Edge Detection
- Fine-Grain Multiple-Valued Reconfigurable VLSI Using Series-Gating Differential-Pair Circuits and Its Evaluation
- Implementation of a Partially Reconfigurable Multi-Context FPGA Based on Asynchronous Architecture
- Memory Allocation for Multi-Resolution Image Processing
- Evaluation of a Field-Programmable VLSI Based on an Asynchronous Bit-Serial Architecture
- Design of a Reconfigurable Parallel Processor for Digital Control Using FPGAs (Special Issue on Super Chip for Intelligent Integrated Systems)
- Special Section on VLSI Technology toward Frontiers of New Market
- A Minimum-Latency Linear Array FFT Processor for Robotics
- Pixel-Serial and Window-Parallel VLSI Processor for Stereo Matching Using a Variable Window Size
- Multiple-Valued Code Assignment Algorithm for VLSI-Oriented Highly Parallel K-Ary Operation Circuits (Special Issue on New Architecture LSIs)
- Multiple-Valued Programmable Logic Array Based on a Resonant-Tunneling Diode Model
- Design of a CAM-Based Collision Detection VLSI Processor for Robotics (Special Issue on Super Chip for Intelligent Integrated Systems)
- A Collision Detection Processor for Intelligent Vehicles (Special Issue on ASICs for Automotive Electronics)
- Design Methodology for Human-Oriented Intelligent Integrated Systems
- Design and Evaluation of a 4-Valued Universal-Literal CAM for Cellular Logic Image Processing (Special Issue on New Concept Device and Novel Architecture LSIs)
- New Bounds on the Feedforward Design of Optical Output Buffer Multiplexers and Switches
- Maintaining Packet Order in Reservation-Based Shared-Memory Optical Packet Switch
- Redundant Vias Insertion for Performance Enhancement in 3D ICs
- Efficient routing algorithms for feedforward output buffer queue switch (ネットワークシステム)
- Variant X-Tree Clock Distribution Network and Its Performance Evaluations(Low-Power and High-Performance VLSI Circuit Technology,VLSI Technology toward Frontiers of New Market)
- 無線アドホックネットワークにおける蟻の食性を利用したルーティング法(ユビキタス)
- A Class of Benes-Based Optical Multistage Interconnection Networks for Crosstalk-Free Realization of Permutations(Fiber-Optic Transmission for Communications)
- Adaptive Group-Based Job Scheduling for High Performance and Reliable Volunteer Computing
- Adaptive Group-Based Job Scheduling for High Performance and Reliable Volunteer Computing
- A more accurate skew model for well-balanced H-tree clock distribution network (プロセス・デバイス・回路シミュレーション(統計モデリングも含む))
- A more accurate skew model for well-balanced H-tree clock distribution network (プロセス・デバイス・回路シミュレーション(統計モデリングも含む))
- Lower-Bound on Blocking Probability of a Class of Crosstalk-Free Optical Cross-Connects (OXCs)(Network Protocols, Topology and Fault Tolerance, Parallel/Distributed Computing and Networking)
- An Upper Bound on Blocking Probability for Vertical Stacked Optical Banyan Networks with Extra Stage
- Performance Measurement of the Multi-backup paths Restoration Scheme under Capacity Constraint
- An Asynchronous FPGA Based on LEDR/4-Phase-Dual-Rail Hybrid Architecture
- A Switch Block Architecture for Multi-Context FPGAs Based on a Ferroelectric-Capacitor Functional Pass-Gate Using Multiple/Binary Valued Hybrid Signals
- Memory Allocation for Window-Based Image Processing on Multiple Memory Modules with Simple Addressing Functions
- Task Allocation with Algorithm Transformation for Reducing Data-Transfer Bottlenecks in Heterogeneous Multi-Core Processors : A Case Study of HOG Descriptor Computation
- Logic-In-Control-Architecture-Based Reconfigurable VLSI Using Multiple-Valued Differential-Pair Circuits
- FOREWORD
- Code Assignment Algorithm for Highly Parallel Multiple-Valued k-Ary Operation Circuits Using Partition Thory
- Design of a Rule-Based Highly-Safe Intelligent Vehicle Using a Content-Addressable Memory
- Implementation of a Low-Power FPGA Based on Synchronous/Asynchronous Hybrid Architecture
- Memory-Access-Driven Context Partitioning for Window-Based Image Processing on Heterogeneous Multicore Processors
- Acceleration of Block Matching on a Low-Power Heterogeneous Multi-Core Processor Based on DTU Data-Transfer with Data Re-Allocation
- Machine Learning Based Adaptive Contour Detection Using Algorithm Selection and Image Splitting
- A Multiple-Valued Reconfigurable VLSI Architecture Using Binary-Controlled Differential-Pair Circuits
- Platform and Mapping Methodology for Heterogeneous Multicore Processors
- Evaluation of an FPGA-Based Heterogeneous Multicore Platform with SIMD/MIMD Custom Accelerators
- Machine Learning Based Adaptive Contour Detection Using Algorithm Selection and Image Splitting ( Fundamental Aspects and Recent Developments in Multimedia and VLSI Systems)
- Platform and Mapping Methodology for Heterogeneous Multicore Processors ( Fundamental Aspects and Recent Developments in Multimedia and VLSI Systems)
- Multiple-Valued Fine-Grain Reconfigurable VLSI Using a Global Tree Local X-Net Network