S. Mylavarapu, J. Zachary, D. Ettlich, J. McEachen, D. Ford
{"title":"用于检测流行型网络攻击的会话交换动态模型","authors":"S. Mylavarapu, J. Zachary, D. Ettlich, J. McEachen, D. Ford","doi":"10.1109/MWSCAS.2004.1354334","DOIUrl":null,"url":null,"abstract":"Epidemic-style network attacks, such as worms, have increased in frequency over the past several years as computer networks have grown in bandwidth and scope. Mechanisms to contain these types of attacks depend on rapid and effective detection of their existence, which corresponds to anomalous network traffic behavior. These behaviors are typically associated with denial of service, probing, and buffer overflow attacks. We present a model called conversation exchange dynamics (CED) and analyze its ability to detect network anomalies by observing anomalous packets amongst traffic generated in a controlled test environment. We present configuration issues and show the successful ability of this model to detect anomalous packets and even network attacks that exhibit behavior pathologies similar to network worms.","PeriodicalId":185817,"journal":{"name":"The 2004 47th Midwest Symposium on Circuits and Systems, 2004. MWSCAS '04.","volume":"45 16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"A model of conversation exchange dynamics for detection of epidemic-style network attacks\",\"authors\":\"S. Mylavarapu, J. Zachary, D. Ettlich, J. McEachen, D. Ford\",\"doi\":\"10.1109/MWSCAS.2004.1354334\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Epidemic-style network attacks, such as worms, have increased in frequency over the past several years as computer networks have grown in bandwidth and scope. Mechanisms to contain these types of attacks depend on rapid and effective detection of their existence, which corresponds to anomalous network traffic behavior. These behaviors are typically associated with denial of service, probing, and buffer overflow attacks. We present a model called conversation exchange dynamics (CED) and analyze its ability to detect network anomalies by observing anomalous packets amongst traffic generated in a controlled test environment. We present configuration issues and show the successful ability of this model to detect anomalous packets and even network attacks that exhibit behavior pathologies similar to network worms.\",\"PeriodicalId\":185817,\"journal\":{\"name\":\"The 2004 47th Midwest Symposium on Circuits and Systems, 2004. MWSCAS '04.\",\"volume\":\"45 16 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2004-07-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The 2004 47th Midwest Symposium on Circuits and Systems, 2004. MWSCAS '04.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/MWSCAS.2004.1354334\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The 2004 47th Midwest Symposium on Circuits and Systems, 2004. MWSCAS '04.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MWSCAS.2004.1354334","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A model of conversation exchange dynamics for detection of epidemic-style network attacks
Epidemic-style network attacks, such as worms, have increased in frequency over the past several years as computer networks have grown in bandwidth and scope. Mechanisms to contain these types of attacks depend on rapid and effective detection of their existence, which corresponds to anomalous network traffic behavior. These behaviors are typically associated with denial of service, probing, and buffer overflow attacks. We present a model called conversation exchange dynamics (CED) and analyze its ability to detect network anomalies by observing anomalous packets amongst traffic generated in a controlled test environment. We present configuration issues and show the successful ability of this model to detect anomalous packets and even network attacks that exhibit behavior pathologies similar to network worms.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
