针对网络服务器的慢速DoS攻击检测与分类

Proceedings of the 15th International Conference on Availability, Reliability and Security Pub Date : 2020-08-25 DOI:10.1145/3407023.3409198

E. Cambiaso, M. Aiello, M. Mongelli, I. Vaccari

{"title":"针对网络服务器的慢速DoS攻击检测与分类","authors":"E. Cambiaso, M. Aiello, M. Mongelli, I. Vaccari","doi":"10.1145/3407023.3409198","DOIUrl":null,"url":null,"abstract":"Low-rate denial of service attacks are considered a serious threat for network systems. In this paper, we investigate such topic, by proposing a novel anomaly-based intrusion detection system. We validate the proposed system and report the weaknesses we have found. By working from the attacker's perspective, we also try to elude the proposed algorithm. Results show that in order to avoid detection, the attacker would require high-bandwidth to perpetrate the attack. The proposed method should therefore be considered an efficient method to detect running Slow DoS Attacks.","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"71 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"Detection and classification of slow DoS attacks targeting network servers\",\"authors\":\"E. Cambiaso, M. Aiello, M. Mongelli, I. Vaccari\",\"doi\":\"10.1145/3407023.3409198\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Low-rate denial of service attacks are considered a serious threat for network systems. In this paper, we investigate such topic, by proposing a novel anomaly-based intrusion detection system. We validate the proposed system and report the weaknesses we have found. By working from the attacker's perspective, we also try to elude the proposed algorithm. Results show that in order to avoid detection, the attacker would require high-bandwidth to perpetrate the attack. The proposed method should therefore be considered an efficient method to detect running Slow DoS Attacks.\",\"PeriodicalId\":121225,\"journal\":{\"name\":\"Proceedings of the 15th International Conference on Availability, Reliability and Security\",\"volume\":\"71 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-08-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 15th International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3407023.3409198\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 15th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3407023.3409198","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

摘要

低速率拒绝服务攻击被认为是对网络系统的严重威胁。在本文中，我们通过提出一种新的基于异常的入侵检测系统来研究这个主题。我们验证提议的系统，并报告我们发现的弱点。通过从攻击者的角度出发，我们也试图避开所提出的算法。结果表明，为了避免检测，攻击者需要高带宽来进行攻击。因此，所提出的方法应该被认为是一种有效的方法来检测运行缓慢的DoS攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Detection and classification of slow DoS attacks targeting network servers

Low-rate denial of service attacks are considered a serious threat for network systems. In this paper, we investigate such topic, by proposing a novel anomaly-based intrusion detection system. We validate the proposed system and report the weaknesses we have found. By working from the attacker's perspective, we also try to elude the proposed algorithm. Results show that in order to avoid detection, the attacker would require high-bandwidth to perpetrate the attack. The proposed method should therefore be considered an efficient method to detect running Slow DoS Attacks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 15th International Conference on Availability, Reliability and Security

自引率

0.00%

发文量