A Novel Threat Assessment Method for DDoS Early Warning Using Network Vulnerability Analysis

2010 Fourth International Conference on Network and System Security Pub Date : 2010-09-01 DOI:10.1109/NSS.2010.52

Qiang Liu, Jianping Yin, Zhiping Cai, M. Zhu

引用次数: 4

Abstract

Distributed Denial of Service (DDoS) attack is one of main threats to Internet security. Due to the spatio-temporal properties of the attack, it is possible to detect the attack at its early stage. In this paper, we propose a novel method of DDoS threat assessment based on network vulnerability analysis. Both the multi-phase character in the temporal dimension and the impacts in the spatial dimension are concerned in our method. We use three metrics to assess threat, namely the ratio of progress, botnet size, and bots distribution. Experimental results show that our method is sensitive to the changes of attack states, and is easy to be implemented in an early warning system because of its simplicity.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于网络漏洞分析的DDoS预警威胁评估新方法

分布式拒绝服务(DDoS)攻击是网络安全面临的主要威胁之一。由于攻击的时空特性，可以在攻击的早期阶段检测到攻击。本文提出了一种基于网络漏洞分析的DDoS威胁评估新方法。该方法既考虑了时间维度上的多相特征，又考虑了空间维度上的影响。我们使用三个指标来评估威胁，即进度比率，僵尸网络规模和机器人分布。实验结果表明，该方法对攻击状态的变化非常敏感，且简单易行，易于在预警系统中实现。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2010 Fourth International Conference on Network and System Security

自引率

0.00%

发文量

期刊最新文献

Privacy-Preserving Protocols for String Matching The PU-Tree: A Partition-Based Uncertain High-Dimensional Indexing Algorithm Ignorant Experts: Computer and Network Security Support from Internet Service Providers Resource Selection from Distributed Semantic Web Stores A Purpose Based Access Control in XML Databases System