Anomaly-based Identification of Large-Scale Attacks

Gamer, Thomas 1
1 Institut für Telematik (TM), Karlsruher Institut für Technologie (KIT)

Abstract (English):

Large-scale attacks like Distributed Denial-of-Service (DDoS) attacks still pose unpredictable threats to the Internet infrastructure and Internet-based business. Thus, many attack detection systems using various anomaly detection methods were developed in the past. These detection systems result in a set of anomalies detected by analysis of the traffic behavior. A realtime identification of the attack type that is represented by those anomalies simplifies important tasks like taking countermeasures and visualizing the network state. In addition, an identification facilitates a collaboration of distributed heterogeneous detection systems. In this paper, we first lay the foundations for a generalized identification system by establishing a model of those entities that form anomaly-based attack detection: large-scale attacks, anomalies, and anomaly detection methods. Based on this flexible model, an adaptable and resource-aware system for the identification of large-scale attacks is developed that additionally offers an autonomous processing control.

DOI: 10.1109/GLOCOM.2009.5426127
Citations: 5
Affiliated institution(s) at KIT: Institut für Telematik (TM)
Publication type: Proceedings contribution
Publication year: 2009
Language: English
Identifier: ISBN: 978-1-4244-4148-8
KITopen-ID: 1000087664
Published in: Global Telecommunications Conference (Globecom), Honolulu, HI, USA, 30 November - 4 December 2009
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Pages: 1-6
Indexed in: Dimensions