مقاله انگلیسی رایگان در مورد تشخیص حملات محروم سازی از سرویس توزیع شده با استفاده از یک روش تشخیص ترکیبی – الزویر 2019

 

مشخصات مقاله
ترجمه عنوان مقاله یک رویکرد عملی برای تشخیص حملات محروم سازی از سرویس توزیع شده با استفاده از یک روش تشخیص ترکیبی
عنوان انگلیسی مقاله A practical approach to detection of distributed denial-of-service attacks using a hybrid detection method
انتشار مقاله سال 2019
تعداد صفحات مقاله انگلیسی 13 صفحه
هزینه دانلود مقاله انگلیسی رایگان میباشد.
پایگاه داده نشریه الزویر
نوع نگارش مقاله
مقاله پژوهشی (Research Article)
مقاله بیس این مقاله بیس نمیباشد
نمایه (index) Scopus – Master Journal List – JCR
نوع مقاله ISI
فرمت مقاله انگلیسی  PDF
ایمپکت فاکتور(IF)
2.762 در سال 2018
شاخص H_index 49 در سال 2019
شاخص SJR 0.443 در سال 2018
شناسه ISSN 0045-7906
شاخص Quartile (چارک) Q2 در سال 2018
رشته های مرتبط مهندسی کامپیوتر
گرایش های مرتبط امنیت اطلاعات، مهندسی نرم افزار، برنامه نویسی کامپیوتر
نوع ارائه مقاله
ژورنال
مجله  کامپیوتر و مهندسی برق – Computers & Electrical Engineering
دانشگاه School of Computing University Union Belgrade, 6/6 Knez Mihailova, Belgrade, Serbia
کلمات کلیدی امنیت شبکه، حمله محروم سازی از سرویس، ميانگين موزون متحرك نمايي ، CUSUM، آنتروپی Packet
کلمات کلیدی انگلیسی Network security، Denial of service attack، Exponential weighted moving average، CUSUM، Packet entropy
شناسه دیجیتال – doi
https://doi.org/10.1016/j.compeleceng.2018.11.004
کد محصول E11297
وضعیت ترجمه مقاله  ترجمه آماده این مقاله موجود نمیباشد. میتوانید از طریق دکمه پایین سفارش دهید.
دانلود رایگان مقاله دانلود رایگان مقاله انگلیسی
سفارش ترجمه این مقاله سفارش ترجمه این مقاله

 

فهرست مطالب مقاله:
Abstract

1- Introduction

2- Related work

3- The proposed detection method

4- Test scenario

5- Discussion of results

6- Conclusion

References

بخشی از متن مقاله:

Abstract

This paper presents a hybrid method for the detection of distributed denial-of-service (DDoS) attacks that combines feature-based and volume-based detection. Our approach is based on an exponential moving average algorithm for decision-making, applied to both entropy and packet number time series. The approach has been tested by performing a controlled DDoS experiment in a real academic network. The network setup and test scenarios including both high-rate and low-rate attacks are described in the paper. The performance of the proposed method is compared to the performance of two methods that are already known in the literature. One is based on the counting of SYN packets and is used for detection of SYN flood attacks, while the other is based on a CUSUM algorithm applied to the entropy time series. The results show the advantage of our approach compared to methods that are based on either entropy or number of packets only.

Introduction

Modern technological society is greatly dependent on Internet technology and online services. Internet services have ecome a non-exclusive part of everyday routine. Many of us check our e-mail as the first thing we do in the morning. This kind of service dependence has made room for a new kind of manipulation and has introduced attacks on network services. Denial of Service (DoS) attacks are among these attacks. Their goal is to make a targeted service unavailable by overloading service provider resources with false requests. With resources depleted, the service provider is not able to serve legitimate users. Nowadays, DoS is a commonly-used attacking method which inflicts significant financial loss on its targets [1]. According to [2,3] there are different types of DoS attacks. At the application level, attack detection is usually done by pattern recognition in the content of received packets. When a malicious pattern is detected, DoS prevention is achieved by blacklisting the IP address of the sender. To bypass this protection and to increase the efficiency of such attacks, attackers usually use distributed attacks (DDoS) by sending malicious packets from different source IP addresses, computers, networks or even continents. At present, detection of application-based attacks is very inefficient as a large number of packets has to be deeply inspected to recognize an attack pattern. We are tackling this problem at a much lower, network (or in some cases transport) layer, where deep packet analysis is not required.

دیدگاهتان را بنویسید

نشانی ایمیل شما منتشر نخواهد شد. بخش‌های موردنیاز علامت‌گذاری شده‌اند *

دکمه بازگشت به بالا