Online monitoring and analysis for self-protection against network attacks

Abstract

In this paper, we present an online monitoring and analysis framework to achieve self-protection against a wide range of network attacks. Our approach uses the software agents to online monitor several attributes to characterize the state of any network or computing resource as normal, uncertain, or abnormal. The software agents execute the appropriate recovery mechanisms once they determine that a service, and/or a network device is operating abnormally. We have developed a test bed to demonstrate and validate our approach to protect against several well-known attacks.