In this work, we propose a method to discriminate backscatter caused by DDoS attacks from normal traffic. Since DDoS attacks are imminent threats that can cause serious economic damage to private companies and public organizations, it is quite important to detect DDoS backscatter as early as possible. To do this, 11 features of port/IP information are defined for network packets that are sent within a short time, and these features of packet traffic are classified by Support Vector Machine (SVM). In the experiments, we use TCP packets for the evaluation because they include control flags (e.g. SYN-ACK, RST-ACK, RST, ACK) that can give label information (i.e. backscatter or non-backscatter). We confirm that the proposed method can correctly discriminate DDoS backscatter from unknown darknet TCP packets with more than 90% accuracy.
In this paper, we propose a fast detection system for Distributed Denial of Service (DDoS) backscatter using packets from various protocols and port numbers, which is not restricted to the two types of packets that can be labeled with simple rules (called labeled packets): Transmission Control Protocol (TCP) Port 80 (80/TCP) and User Datagram Protocol (UDP) Port 53 (53/UDP). Usually, it is not easy to detect DDoS backscatter from unlabeled packets, so an expert needs to analyze packet traffic manually. To deal with unlabeled packets, the detection system first learns general rules of DDoS backscatter using information from 80/TCP and 53/UDP. After the learning process, the generalized detection system is used to detect DDoS backscatter in unlabeled packets. This detection system consists of two main modules: pre-processing and classifier. In the pre-processing module, the incoming packets are transformed into feature vectors. As for the classifier module, since it is important to detect DDoS backscatter from all protocols as early as possible, we use a Resource Allocating Network (RAN) with data selection. Using this classifier, the learning time is shortened because the classifier only learns essential data. Here, essential data means the data located in "well learned" regions, in which the classifier gives trustworthy predictions. To quickly search for the regions closest to given data, the well-known Locality Sensitive Hashing (LSH) method is used. The performance of the proposed detection system is evaluated using 9,968 training data from labeled packets and 5,933 test data from unlabeled packets. They were collected from January 1st, 2013 until January 20th, 2014 at the National Institute of Information and Communications Technology (NICT), Japan. The results indicate that the detection system can detect DDoS backscatter with a high detection rate within a short time.
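Both abstracts rely on the same pre-processing idea: label darknet TCP packets from their control flags, then aggregate port/IP information over a short time window into a feature vector for the classifier. The following added example (not code from either paper) sketches that step; the handful of features and the flag-to-label rule are assumptions for illustration, not the papers' 11 features, and the packet data is constructed.

```python
# Added example: flag-based labelling and windowed feature extraction for
# darknet TCP packets. Feature set and label rule are illustrative assumptions.
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class Pkt:
    ts: float    # capture time in seconds
    src: str     # source IP (host replying to spoofed traffic, or a scanner)
    sport: int
    dst: str     # darknet destination IP
    dport: int
    flags: str   # "SA" = SYN-ACK, "RA" = RST-ACK, "R" = RST, "A" = ACK, "S" = SYN


# Assumed rule: a darknet host never initiates connections, so response-type
# flags sent to it are replies to spoofed requests, i.e. backscatter.
# A bare SYN is an inbound probe, not backscatter.
BACKSCATTER_FLAGS = {"SA", "RA", "R", "A"}


def label(pkt: Pkt) -> int:
    return 1 if pkt.flags in BACKSCATTER_FLAGS else 0


def window_features(pkts, window=60.0):
    """Group packets by (source IP, time window) and return
    {(src, window_index): (feature_tuple, majority_label)}."""
    groups = defaultdict(list)
    for p in pkts:
        groups[(p.src, int(p.ts // window))].append(p)
    out = {}
    for key, ps in groups.items():
        n = len(ps)
        feats = (
            n,                                      # packets in window
            len({p.dst for p in ps}) / n,           # distinct darknet dsts / n
            len({p.dport for p in ps}) / n,         # distinct dst ports / n
            len({p.sport for p in ps}),             # distinct src ports
            sum(p.flags == "SA" for p in ps) / n,   # SYN-ACK ratio
        )
        out[key] = (feats, int(2 * sum(label(p) for p in ps) > n))
    return out


# Constructed sample: a victim web server (198.51.100.10:80) answering spoofed
# SYNs with SYN-ACKs to ten darknet addresses, and a scanner probing port 22.
SAMPLE = (
    [Pkt(float(i), "198.51.100.10", 80, f"192.0.2.{i}", 40000 + i, "SA") for i in range(10)]
    + [Pkt(float(i), "203.0.113.5", 50000 + i, f"192.0.2.{i}", 22, "S") for i in range(10)]
)
```

On this sample the victim's window shows a single source port, many destination ports and a SYN-ACK ratio of 1.0 (backscatter), while the scanner's window shows the inverse pattern (non-backscatter).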