Show simple item record

dc.contributor.authorBerral García, Josep Lluís
dc.contributor.authorPoggi Mastrokalo, Nicolas
dc.contributor.authorAlonso López, Javier
dc.contributor.authorGavaldà Mestre, Ricard
dc.contributor.authorTorres Viñals, Jordi
dc.contributor.authorParashar, Manish
dc.contributor.otherUniversitat Politècnica de Catalunya. Departament d'Arquitectura de Computadors
dc.contributor.otherUniversitat Politècnica de Catalunya. Departament de Llenguatges i Sistemes Informàtics
dc.date.accessioned2010-10-26T09:22:45Z
dc.date.available2010-10-26T09:22:45Z
dc.date.created2008
dc.date.issued2008
dc.identifier.citationBerral, J. [et al.]. Adaptive distributed mechanism againts flooding network attacks based on machine learning. A: ACM Workshop on AISec. "The first ACM workshop on AISec". Alexandria, Virginia: ACM Press, NY, 2008, p. 43-49.
dc.identifier.isbn978-1-60558-291-7
dc.identifier.urihttp://hdl.handle.net/2117/9989
dc.description.abstractAdaptive techniques based on machine learning and data mining are gaining relevance in self-management and self- defense for networks and distributed systems. In this paper, we focus on early detection and stopping of distributed flooding attacks and network abuses. We extend the framework proposed by Zhang and Parashar (2006) to cooperatively detect and react to abnormal behaviors before the target machine collapses and network performance degrades. In this framework, nodes in an intermediate network share infor- mation about their local traffic observations, improving their global traffic perspective. In our proposal, we add to each node the ability of learning independently, therefore reacting differently according to its situation in the network and local traffic conditions. In particular, this frees the administrator from having to guess and manually set the parameters distinguishing attacks from non-attacks: now such thresholds are learned and set from experience or past data. We expect that our framework provides a faster detection and more accuracy in front of distributed ooding attacks than if static filters or single-machine adaptive mechanisms are used. We show simulations where indeed we observe a high rate of stopped attacks with minimum disturbance to the legitimate users.
dc.format.extent7 p.
dc.language.isoeng
dc.publisherACM Press, NY
dc.subjectÀrees temàtiques de la UPC::Informàtica::Seguretat informàtica
dc.subject.lcshComputer networks -- Security measures
dc.subject.otherMachine Learning
dc.subject.otherFlooding Attacks
dc.subject.otherDDoS
dc.subject.otherAutonomic Computing
dc.subject.otherCooperative
dc.subject.otherIntrusion Detection
dc.titleAdaptive distributed mechanism againts flooding network attacks based on machine learning
dc.typeConference report
dc.subject.lemacOrdinadors, Xarxes d' -- Mesures de seguretat
dc.subject.lemacAprenentatge automàtic
dc.contributor.groupUniversitat Politècnica de Catalunya. CAP - Grup de Computació d'Altes Prestacions
dc.contributor.groupUniversitat Politècnica de Catalunya. LARCA - Laboratori d'Algorísmia Relacional, Complexitat i Aprenentatge
dc.relation.publisherversionhttp://portal.acm.org/citation.cfm?id=1456389
dc.rights.accessRestricted access - publisher's policy
local.identifier.drac2396771
dc.description.versionPostprint (published version)
local.citation.authorBerral, J.; Poggi , N.; Alonso, J.; Gavaldà, R.; Torres, J.; Parashar, M.
local.citation.contributorACM Workshop on AISec
local.citation.pubplaceAlexandria, Virginia
local.citation.publicationNameThe first ACM workshop on AISec
local.citation.startingPage43
local.citation.endingPage49


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record