DiCoTraM: A distributed and coordinated DDoS flooding attack tailored traffic monitoring

Zargar, Saman Taghavi; Joshi, James; Tipper, David

doi:10.1109/iri.2014.7051881

Cited by 4 publications

(4 citation statements)

References 22 publications

(26 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, the eNodeB 2 can effectively verify the validity of the authentication request, decide whether to perform a check operation and prevent from denial-of-service attacks. Moreover, the traffic detection methods can defend against the denial-of-service attacks which occupy channel resources [19,20]. It will not be described further in this paper.…”

Section: Mechanism Analysis 41 Security Analysismentioning

confidence: 99%

A Relay-assisted Secure Handover Mechanism for High-speed Trains

2019

KSII TIIS

View full text Add to dashboard Cite

Considering that the existing Long Term Evolution is not suitable for the fast and frequent handovers of high-speed trains, this paper proposes a relay-assisted handover mechanism to solve the problems of long handover authentication time and vulnerable to security attacks. It can achieve mutual authentication for train-ground wireless communication, and data transmission is consistent with one-time pad at the same time. The security analysis, efficiency analysis and simulation results show that the proposed mechanism not only realizes the forward security and resists many common attacks, but also effectively reduces the computational overhead of train antenna during the secure handover process. When the running speed of a train is lower than 500km/h, the handover delay is generally lower than 50ms and the handover outage probability is less than 1.8%. When the running speed of a train is 350km/h, the throughput is higher than 16.4mbps in the process of handover. Therefore, the secure handover mechanism can improve the handover performance of high-speed trains.

show abstract

Section: Mechanism Analysis 41 Security Analysismentioning

confidence: 99%

A Relay-assisted Secure Handover Mechanism for High-speed Trains

2019

KSII TIIS

View full text Add to dashboard Cite

show abstract

“…There are two main groups of sampling methods: packet sampling and flow sampling [28,29]. The packet sampling method, applied to packets before generating flows, is improved in [30], which proposes an adaptive packet sampling method to provide accurate measurements of network traffic.…”

Section: Introductionmentioning

confidence: 99%

“…In terms of preserving the characteristics of flow traffic, it has been shown that flow sampling, applied to flows, is more efficient than packet-based sampling [29,31]. However, the required memory and CPU power is greater [26,28].…”

Section: Introductionmentioning

confidence: 99%

Performance of Flow-based Anomaly Detection in Sampled Traffic

Jadidi¹,

Muthukkumarasamy²,

Sithirasenan³

et al. 2016

JNW

View full text Add to dashboard Cite

In recent years, flow-based anomaly detection has attracted considerable attention from many researchers and some methods have been proposed to improve its accuracy. However, only a few studies have considered anomaly detection with sampled flow traffic, which is widely used for the management of high-speed networks. This gap is addressed in this study. First, we optimize an artificial neural network (ANN)-based classifier to detect anomalies in flow traffic. The results show that although it has a high degree of accuracy, the classifier loses significant information in the process of sampling. In this regard, we propose a sampling method to improve the performance of flow-based anomaly detection in sampled traffic. While existing sampling methods for anomaly detection preserve only small malicious flows, the proposed algorithm samples both small and large malicious flows. Therefore, the detection rate of the flow-based anomaly detector is improved by about 5% using our algorithm. To evaluate the proposed sampling method, three flow-based datasets are generated in this study.

show abstract

“…Flow-based anomaly detection methods for high-speed networks mostly use sampled traffic. Two sampling methods, packet sampling and flow sampling, are widely investigated [21,22]. Packet sampling is performed at routers before flows are generated but flow sampling is applied to flows at NetFlow collectors [23].…”

Section: Introductionmentioning

confidence: 99%

Intelligent Sampling Using an Optimized Neural Network

Jadidi¹,

Muthukkumarasamy²,

Sithirasenan³

et al. 2016

JNW

View full text Add to dashboard Cite

Modern Internet has enabled wider usage, resulting in increased network traffic. Due to the high volume of data packets in networking, sampling techniques are widely used in flow-based network management software to manage traffic load. However, sampling processes reduce the likelihood of anomaly detection. Many studies have been carried out at improving the accuracy of anomaly detection. However, only a few studies have considered it with sampled flow traffic. In our study, we investigate the use of an artificial neural network (ANN)based classifier to improve the accuracy of flow-based anomaly detection in sampled traffic. A feedback from the ANN-based anomaly detector determines the type of the flow sampling method that should be used. Our proposed technique handles malicious flows and benign flows with different sampling methods. To evaluate the proposed sampling technique, a number of flow-based datasets are generated. Our experiments confirm that the proposed technique improves the percentage of the sampled malicious flows by about 7% and it can preserve the majority of traffic information.

show abstract

DiCoTraM: A distributed and coordinated DDoS flooding attack tailored traffic monitoring

Cited by 4 publications

References 22 publications

A Relay-assisted Secure Handover Mechanism for High-speed Trains

A Relay-assisted Secure Handover Mechanism for High-speed Trains

Performance of Flow-based Anomaly Detection in Sampled Traffic

Intelligent Sampling Using an Optimized Neural Network

Contact Info

Product

Resources

About