Adaptive distributed mechanism againts flooding network attacks based on machine learning
View/Open
Berral.pdf (258,5Kb) (Restricted access)
Request copy
Què és aquest botó?
Aquest botó permet demanar una còpia d'un document restringit a l'autor. Es mostra quan:
- Disposem del correu electrònic de l'autor
- El document té una mida inferior a 20 Mb
- Es tracta d'un document d'accés restringit per decisió de l'autor o d'un document d'accés restringit per política de l'editorial
Document typeConference report
Defense date2008
PublisherACM Press, NY
Rights accessRestricted access - publisher's policy
All rights reserved. This work is protected by the corresponding intellectual and industrial
property rights. Without prejudice to any existing legal exemptions, reproduction, distribution, public
communication or transformation of this work are prohibited without permission of the copyright holder
Abstract
Adaptive techniques based on machine learning and data mining are gaining relevance in self-management and self-
defense for networks and distributed systems. In this paper, we focus on early detection and stopping of distributed flooding attacks and network abuses. We extend the framework proposed by Zhang and Parashar (2006) to cooperatively detect and react to abnormal behaviors before the target machine collapses and network performance degrades. In this framework, nodes in an intermediate network share infor-
mation about their local traffic observations, improving their global traffic perspective. In our proposal, we add to each
node the ability of learning independently, therefore reacting differently according to its situation in the network and local
traffic conditions. In particular, this frees the administrator from having to guess and manually set the parameters distinguishing attacks from non-attacks: now such thresholds are learned and set from experience or past data. We expect that our framework provides a faster detection and
more accuracy in front of distributed
ooding attacks than if static filters or single-machine adaptive mechanisms are
used. We show simulations where indeed we observe a high rate of stopped attacks with minimum disturbance to the legitimate users.
CitationBerral, J. [et al.]. Adaptive distributed mechanism againts flooding network attacks based on machine learning. A: ACM Workshop on AISec. "The first ACM workshop on AISec". Alexandria, Virginia: ACM Press, NY, 2008, p. 43-49.
ISBN978-1-60558-291-7
Publisher versionhttp://portal.acm.org/citation.cfm?id=1456389
Collections
- Departament de Ciències de la Computació - Ponències/Comunicacions de congressos [1.249]
- CAP - Grup de Computació d'Altes Prestacions - Ponències/Comunicacions de congressos [784]
- Departament d'Arquitectura de Computadors - Ponències/Comunicacions de congressos [1.874]
- LARCA - Laboratori d'Algorísmia Relacional, Complexitat i Aprenentatge - Ponències/Comunicacions de congressos [119]
Files | Description | Size | Format | View |
---|---|---|---|---|
Berral.pdf![]() | 258,5Kb | Restricted access |