Please use this identifier to cite or link to this item: http://hdl.handle.net/10397/6568
PIRA download icon_1.1View/Download Full Text
DC FieldValueLanguage
dc.contributorDepartment of Computing-
dc.creatorLuo, X-
dc.creatorChan, EWW-
dc.creatorChang, RKC-
dc.date.accessioned2014-12-11T08:25:24Z-
dc.date.available2014-12-11T08:25:24Z-
dc.identifier.issn1687-6172-
dc.identifier.urihttp://hdl.handle.net/10397/6568-
dc.language.isoenen_US
dc.publisherSpringeren_US
dc.rightsCopyright © 2009 Xiapu Luo et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.en_US
dc.subjectComputer crimeen_US
dc.subjectTelecommunication trafficen_US
dc.subjectTransmission control protocolen_US
dc.subjectWavelet transformsen_US
dc.titleDetecting pulsing denial-of-service attacks with nondeterministic attack intervalsen_US
dc.typeJournal/Magazine Articleen_US
dc.identifier.spage1-
dc.identifier.epage13-
dc.identifier.volume2009-
dc.identifier.doi10.1155/2009/256821-
dcterms.abstractThis paper addresses the important problem of detecting pulsing denial of service (PDoS) attacks which send a sequence of attack pulses to reduce TCP throughput. Unlike previous works which focused on a restricted form of attacks, we consider a very broad class of attacks. In particular, our attack model admits any attack interval between two adjacent pulses, whether deterministic or not. It also includes the traditional flooding-based attacks as a limiting case (i.e., zero attack interval). Our main contribution is Vanguard, a new anomaly-based detection scheme for this class of PDoS attacks. The Vanguard detection is based on three traffic anomalies induced by the attacks, and it detects them using a CUSUM algorithm. We have prototyped Vanguard and evaluated it on a testbed. The experiment results show that Vanguard is more effective than the previous methods that are based on other traffic anomalies (after a transformation using wavelet transform, Fourier transform, and autocorrelation) and detection algorithms (e.g., dynamic time warping).-
dcterms.accessRightsopen accessen_US
dcterms.bibliographicCitationEURASIP Journal on advances in signal processing, 2 Mar. 2009, v. 2009, 256821, p. 1-13-
dcterms.isPartOfEURASIP Journal on advances in signal processing-
dcterms.issued2009-03-02-
dc.identifier.isiWOS:000266314600001-
dc.identifier.scopus2-s2.0-66749157109-
dc.identifier.eissn1687-6180-
dc.identifier.rosgroupidr42186-
dc.description.ros2008-2009 > Academic research: refereed > Publication in refereed journal-
dc.description.oaVersion of Recorden_US
dc.identifier.FolderNumberOA_IR/PIRAen_US
dc.description.pubStatusPublisheden_US
Appears in Collections:Journal/Magazine Article
Files in This Item:
File Description SizeFormat 
Luo_Detecting_Pulsing_Attack.pdf1.26 MBAdobe PDFView/Open
Open Access Information
Status open access
File Version Version of Record
Access
View full-text via PolyU eLinks SFX Query
Show simple item record

Page views

118
Last Week
2
Last month
Citations as of Mar 24, 2024

Downloads

120
Citations as of Mar 24, 2024

SCOPUSTM   
Citations

19
Last Week
0
Last month
0
Citations as of Mar 28, 2024

WEB OF SCIENCETM
Citations

12
Last Week
0
Last month
0
Citations as of Mar 28, 2024

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.