頁籤選單縮合
題 名 | Intrusion Detection, Forecast and Traceback Against DDoS Attacks |
---|---|
作 者 | Leu, Fang-yie; | 書刊名 | 資訊、科技與社會學報 |
卷 期 | 16 2009.12[民98.12] |
頁 次 | 頁19-44 |
分類號 | 312.76 |
關鍵詞 | DDoS; DRDoS; Intrusion detection; Intrusion traceback; CUSUM; |
語 文 | 英文(English) |
英文摘要 | Nowadays, DDoS is one of the most troublesome attacks. Attackers often penetrate innocent routers and hosts to make them unwittingly participate in such large-scale attacks acting as zombies or reflectors. Also, the Internet consists of autonomous network management units. Organizing these units is helpful in detecting DDoS attacks if several adjacent or nearby network management units could collaboratively guard and protect their important surrounded neighbors. In this article, we propose an Intrusion Detection, Forecast and Traceback System (IDeFT) based on united defense environment. First, a detection system that is able to detect two types of attacks, logical and DoS/DDoS, is developed. Logical attacks are recognized by neural networks. DDoS, distributed reflective DoS and what role a host/router plays in the two types of attacks are identified by the CUSUM algorithm. A hash-based intrusion tracer is also deployed to trace back to malicious clients. A forecasting model which plays the role as a proactive intrusion prevention system monitors network forwarding traffic to forecast malicious behaviors previously for its neighbor unit. Network management units with the properties of regional cooperation and autonomy can carry their network security to a higher achievement level. |
本系統中英文摘要資訊取自各篇刊載內容。