Visual Analytics Model for Intrusion Detection in Flood Attack

Jinson Zhang, M. Huang
Published in: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Publication date: 2013-07-16
DOI: 10.1109/TrustCom.2013.38 (https://doi.org/10.1109/TrustCom.2013.38)
Citations: 8

Abstract

Flood attacks are common forms of Distributed Denial-of-Service (DDoS) attack threats on the internet in nature. This has necessitated the need for visual analysis within an intrusion detection system to identify these attacks. The challenges are how to increase the accuracy of detection and how to visualize and present flood attacks in networks for early detection. In this paper, we introduce three coefficients, which not only classify the behaviors of flood attacks, but also measure the system performance under those flood attacks: a) attack-density that patterns the characters of flood attack, b) system workload which represents the system capability in handling flood attack and c) the scalability to classify the impact level of the flood attack at victim site. A visual clustered method is used to display the DDoS flood attacks. The experimentation results are presented to demonstrate our new model significantly improves the accuracy of the detection of DDoS attacks and provides a better understanding of the nature of flood attacks on networks.