{"title":"使用卡方法检测DoS和DDoS攻击","authors":"Fang-Yie Leu, C. Pai","doi":"10.1109/IAS.2009.292","DOIUrl":null,"url":null,"abstract":"In this paper, we propose an agent_based distributed intrusion detection architecture, which detects DoS/DDoS attacks by comparing source IP addresses’ normal and current connection frequencies. First, we collect source IPs’ packet statistics to obtain their normal packet distribution. When current statistics suddenly increase, very often it is an attack. Experimental results show that this approach can effectively detect DoS/DDoS attacks.","PeriodicalId":240354,"journal":{"name":"2009 Fifth International Conference on Information Assurance and Security","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":"{\"title\":\"Detecting DoS and DDoS Attacks Using Chi-Square\",\"authors\":\"Fang-Yie Leu, C. Pai\",\"doi\":\"10.1109/IAS.2009.292\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, we propose an agent_based distributed intrusion detection architecture, which detects DoS/DDoS attacks by comparing source IP addresses’ normal and current connection frequencies. First, we collect source IPs’ packet statistics to obtain their normal packet distribution. When current statistics suddenly increase, very often it is an attack. 
Experimental results show that this approach can effectively detect DoS/DDoS attacks.\",\"PeriodicalId\":240354,\"journal\":{\"name\":\"2009 Fifth International Conference on Information Assurance and Security\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-08-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"19\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 Fifth International Conference on Information Assurance and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IAS.2009.292\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Fifth International Conference on Information Assurance and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IAS.2009.292","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
In this paper, we propose an agent-based distributed intrusion detection architecture, which detects DoS/DDoS attacks by comparing source IP addresses’ normal and current connection frequencies. First, we collect source IPs’ packet statistics to obtain their normal packet distribution. When current statistics suddenly increase, very often it is an attack. Experimental results show that this approach can effectively detect DoS/DDoS attacks.