http://dx.doi.org/10.3837/tiis.2012.07.007

Detecting LDoS Attacks based on Abnormal Network Traffic  

Chen, Kai (School of Computer Science & Technology, Huazhong University of Science and Technology)
Liu, Hui-Yu (School of Computer Science & Technology, Huazhong University of Science and Technology)
Chen, Xiao-Su (School of Computer Science & Technology, Huazhong University of Science and Technology)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS), v.6, no.7, 2012, pp. 1831-1853
Abstract
By periodically sending short bursts of traffic to reduce legitimate transmission control protocol (TCP) traffic, low-rate denial of service (LDoS) attacks are hard to detect and may covertly endanger a network for a long period. Traditional LDoS detection methods concentrate mainly on the attack stream using feature matching, and can detect only a limited number of attack patterns, off-line and at high cost. Recent research has shifted focus from the attack stream to the traffic anomalies induced by LDoS attacks, which allows more kinds of attacks to be detected with higher efficiency. However, the limited number of abnormal characteristics and the inadequacy of the judgment rules may lead to wrong decisions in some particular situations. In this paper, we address the problem of detecting LDoS attacks and present a scheme based on the fluctuation features of legitimate TCP and acknowledgment (ACK) traffic. In the scheme, we define judgment criteria that are used to identify LDoS attacks in real time at an optimal detection cost. We evaluate the performance of our strategy in real-world network topologies. Simulation results clearly demonstrate the superiority of the proposed method in detecting LDoS attacks.
Keywords
low-rate; denial of service; network security; abnormal traffic
Citations & Related Records
Times Cited By KSCI: 2
Times Cited By Web of Science: 0