This paper addresses the problem of detection of “Slow” Denial of Service attacks. The problem is particularly challenging in virtue of the reduced amount of bandwidth generated by the attacks. A novel detection method is presented, which analyzes specific spectral features of traffic over small time horizons. No packet inspection is required. Extrapolated data refer to real traffic traces, elaborated over the Local Area Network of our Institute. Different kinds of attacks have been considered as well. The results show how the proposed method is reliable and applicable in many other contexts.
An on-line intrusion detection approach to identify low-rate DoS attacks
CAMBIASO, ENRICO;
2014-01-01
Abstract
This paper addresses the problem of detection of “Slow” Denial of Service attacks. The problem is particularly challenging in virtue of the reduced amount of bandwidth generated by the attacks. A novel detection method is presented, which analyzes specific spectral features of traffic over small time horizons. No packet inspection is required. Extrapolated data refer to real traffic traces, elaborated over the Local Area Network of our Institute. Different kinds of attacks have been considered as well. The results show how the proposed method is reliable and applicable in many other contexts.
File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
