Please use this identifier to cite or link to this item: http://hdl.handle.net/10397/16557
Title: An integrated solution for policy filtering and traffic anomaly detection
Authors: Wang, Z
Che, H
Cao, J 
Issue Date: 2008
Publisher: Springer
Source: Lecture notes in computer science (including subseries Lecture notes in artificial intelligence and lecture notes in bioinformatics), 2008, v. 5060 LNCS, p. 106-120 How to cite?
Journal: Lecture notes in computer science (including subseries Lecture notes in artificial intelligence and lecture notes in bioinformatics) 
Abstract: In this paper, we propose a Ternary Content Addressable Memory (TCAM) coprocessor based solution for high speed, integrated policy filtering and TCP flow anomaly detection. In the proposed solution, the TCP flow anomaly is detected through two dimensional (2D) matching. The key features of the solution include: (1) setting flag bits in TCAM action code to support various packet treatments; (2) managing TCP flow state in pair to do 2D matching. The solution's ability for detecting TCP-based flooding attacks based on real-world-trace simulations are conducted. The results show that the proposed solution can match up OC-192 line rate while doing the integrated tasks.
Description: 5th International Conference on Autonomic and Trusted Computing, ATC 2008, Oslo, 23-25 June 2008
URI: http://hdl.handle.net/10397/16557
ISBN: 3540692940
9783540692942
ISSN: 0302-9743
EISSN: 1611-3349
DOI: 10.1007/978-3-540-69295-9_11
Appears in Collections:Conference Paper

Access
View full-text via PolyU eLinks SFX Query
Show full item record

WEB OF SCIENCETM
Citations

1
Last Week
0
Last month
0
Citations as of Dec 9, 2017

Page view(s)

90
Last Week
2
Last month
Checked on Dec 10, 2017

Google ScholarTM

Check

Altmetric



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.