FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W1503334296> ?p ?o ?g. }

• W1503334296 abstract "Distributed denial of service attacks have become both prevalent and sophisticated. Botnet-driven attacks can be launched from thousands of worm-infected and compromised machines with relative ease and impunity today. The damage caused by such attacks is considerable: the 2004 CSI/FBI computer crime and security survey found that DDOS attacks are the second largest contributor to all financial losses due to cybercrime [3]. Further, distributed attacks are expected to increase both in sophistication and damage [1]. Containing distributed attacks is therefore a crucial problem, one that has not been adequately addressed. One reason why distributed attacks are difficult to contain is because defenses against these attacks are typically deployed at edge networks, near the victim. Deploying defenses at the edge makes detecting attacks easier, since one simply needs to monitor incoming traffic volume for an unusually large burst. However, containing and mitigating such attacks from the edge is ineffective for two reasons. First, filtering the malicious attack traffic requires identifying the (potentially thousands of) attackers, which is complicated, especially if the source addresses are spoofed. Second, even if accurate filtering was feasbile at the edge, it cannot prevent attackers from consuming the victim’s bandwidth, and denying service to legitimate users. Thus edge-based defenses against distributed attacks have limited value. On the other hand, defending against distributed attacks at the backbone (i.e., carrier networks) overcomes the hurdles of edgebased defenses. In principle, backbone networks can detect and identify the origins of malicious sources involved in a distributed attack that traverses the backbone. Thus backbone networks are well-suited to mitigate distributed attacks, before they cause harm to the victim at the edge. However, distributed attacks are challenging to detect in the backbone because they do not cause a visible, easily detectable change in traffic volume on individual backbone links. To effectively detect distributed attacks in the backbone, one therefore needs to simultaneously analyze all traffic across the network. In this work, we present our methods to detect distributed attacks in backbone networks using sampled flow traffic data. Distributed attacks are traditionally viewed to be fundamentally more difficult to detect than single-source attacks. In contrast, we demonstrate that the more distributed an attack is,the better our methods are at detecting it. This is because our methods analyze correlations across all network-wide traffic simultaneously, instead of inspecting traffic on individual links in isolation. In addition, our methods are highly sensitive to the attack intensity; we show that attacks rates of less than 1% of the underlying traffic can be detected successfully by our methods. The rest of this paper is organized as follows. In the next section we show how network-wide traffic summaries can be assembled, and present the data we have processed from the Abilene Internet2 backbone network. Then, in Section 3, we describe the multiway subspace method for detecting attacks in network-wide flow data. We evaluate our methods on actual DDOS attack traces in a series of experiments and present results in Section 4. Finally, we conclude in Section 5." @default.
• W1503334296 created "2016-06-24" @default.
• W1503334296 creator A5064525211 @default.
• W1503334296 creator A5077602642 @default.
• W1503334296 creator A5079029444 @default.
• W1503334296 date "2005-01-01" @default.
• W1503334296 modified "2023-09-27" @default.
• W1503334296 title "Detecting Distributed Attacks using Network-Wide Flow Traffic" @default.
• W1503334296 cites W1525451939 @default.
• W1503334296 cites W1997299558 @default.
• W1503334296 cites W2139054829 @default.
• W1503334296 cites W2157578436 @default.
• W1503334296 cites W2159160833 @default.
• W1503334296 cites W2164210932 @default.
• W1503334296 hasPublicationYear "2005" @default.
• W1503334296 type Work @default.
• W1503334296 sameAs 1503334296 @default.
• W1503334296 citedByCount "7" @default.
• W1503334296 countsByYear W15033342962014 @default.
• W1503334296 crossrefType "journal-article" @default.
• W1503334296 hasAuthorship W1503334296A5064525211 @default.
• W1503334296 hasAuthorship W1503334296A5077602642 @default.
• W1503334296 hasAuthorship W1503334296A5079029444 @default.
• W1503334296 hasConcept C110875604 @default.
• W1503334296 hasConcept C136764020 @default.
• W1503334296 hasConcept C144024400 @default.
• W1503334296 hasConcept C162307627 @default.
• W1503334296 hasConcept C168725872 @default.
• W1503334296 hasConcept C22735295 @default.
• W1503334296 hasConcept C2779390178 @default.
• W1503334296 hasConcept C31258907 @default.
• W1503334296 hasConcept C36289849 @default.
• W1503334296 hasConcept C38652104 @default.
• W1503334296 hasConcept C38822068 @default.
• W1503334296 hasConcept C41008148 @default.
• W1503334296 hasConcept C76155785 @default.
• W1503334296 hasConceptScore W1503334296C110875604 @default.
• W1503334296 hasConceptScore W1503334296C136764020 @default.
• W1503334296 hasConceptScore W1503334296C144024400 @default.
• W1503334296 hasConceptScore W1503334296C162307627 @default.
• W1503334296 hasConceptScore W1503334296C168725872 @default.
• W1503334296 hasConceptScore W1503334296C22735295 @default.
• W1503334296 hasConceptScore W1503334296C2779390178 @default.
• W1503334296 hasConceptScore W1503334296C31258907 @default.
• W1503334296 hasConceptScore W1503334296C36289849 @default.
• W1503334296 hasConceptScore W1503334296C38652104 @default.
• W1503334296 hasConceptScore W1503334296C38822068 @default.
• W1503334296 hasConceptScore W1503334296C41008148 @default.
• W1503334296 hasConceptScore W1503334296C76155785 @default.
• W1503334296 hasLocation W15033342961 @default.
• W1503334296 hasOpenAccess W1503334296 @default.
• W1503334296 hasPrimaryLocation W15033342961 @default.
• W1503334296 hasRelatedWork W131725317 @default.
• W1503334296 hasRelatedWork W2018026534 @default.
• W1503334296 hasRelatedWork W2066070678 @default.
• W1503334296 hasRelatedWork W2111647261 @default.
• W1503334296 hasRelatedWork W2144936818 @default.
• W1503334296 hasRelatedWork W2157578436 @default.
• W1503334296 hasRelatedWork W2164210932 @default.
• W1503334296 hasRelatedWork W2229773071 @default.
• W1503334296 hasRelatedWork W2350539876 @default.
• W1503334296 hasRelatedWork W2416307602 @default.
• W1503334296 hasRelatedWork W2591801246 @default.
• W1503334296 hasRelatedWork W2782031700 @default.
• W1503334296 hasRelatedWork W2783018825 @default.
• W1503334296 hasRelatedWork W2892142441 @default.
• W1503334296 hasRelatedWork W2913483478 @default.
• W1503334296 hasRelatedWork W3023377860 @default.
• W1503334296 hasRelatedWork W3043834690 @default.
• W1503334296 hasRelatedWork W3183811690 @default.
• W1503334296 hasRelatedWork W3184835943 @default.
• W1503334296 hasRelatedWork W2554425992 @default.
• W1503334296 isParatext "false" @default.
• W1503334296 isRetracted "false" @default.
• W1503334296 magId "1503334296" @default.
• W1503334296 workType "article" @default.