DDoS Attacks With Randomized Traffic Innovation: Botnet Identification Challenges and Strategies

Bibliographic details
Title: DDoS Attacks With Randomized Traffic Innovation: Botnet Identification Challenges and Strategies
Authors: Mario Di Mauro, Maurizio Longo, Vincenzo Matta
Source: IEEE Transactions on Information Forensics and Security. 12:1844-1859
Publication information: Institute of Electrical and Electronics Engineers (IEEE), 2017.
Publication year: 2017
Subject terms: Signal processing for network security, Risk, FOS: Computer and information sciences, Computer Science - Cryptography and Security, Exploit, Computer Networks and Communications, Computer science, Computer Science - Information Theory, 0211 other engineering and technologies, Botnet, Distributed denial-of-service, Denial-of-service attack, 02 engineering and technology, Computer security, computer.software_genre, Cyber-Security, DDoS mitigation, Computer Science - Networking and Internet Architecture, 0202 electrical engineering, electronic engineering, information engineering, Safety, Risk, Reliability and Quality, Networking and Internet Architecture (cs.NI), 021110 strategic, defence & security studies, Information Theory (cs.IT), ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, DDoS, 020206 networking & telecommunications, Application layer, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Identification (information), Reliability and Quality, Safety, Cryptography and Security (cs.CR), computer
Description: Distributed Denial-of-Service (DDoS) attacks are usually launched through the botnet, an "army" of compromised nodes hidden in the network. Inferential tools for DDoS mitigation should accordingly enable an early and reliable discrimination of the normal users from the compromised ones. Unfortunately, the recent emergence of attacks performed at the application layer has multiplied the number of possibilities that a botnet can exploit to conceal its malicious activities. New challenges arise, which cannot be addressed by simply borrowing the tools that have been successfully applied so far to earlier DDoS paradigms. In this work, we offer basically three contributions: i) we introduce an abstract model for the aforementioned class of attacks, where the botnet emulates normal traffic by continually learning admissible patterns from the environment; ii) we devise an inference algorithm that is shown to provide a consistent (i.e., converging to the true solution as time progresses) estimate of the botnet possibly hidden in the network; and iii) we verify the validity of the proposed inferential strategy over real network traces.
Submitted for publication
ISSN: 1556-6021
1556-6013
DOI: 10.1109/tifs.2017.2692685
Access URL: https://explore.openaire.eu/search/publication?articleId=doi_dedup___::0cb2081cf5cb28e0409d711f3e172501
https://doi.org/10.1109/tifs.2017.2692685
Rights: OPEN
Accession number: edsair.doi.dedup.....0cb2081cf5cb28e0409d711f3e172501
Database: OpenAIRE