{"title":"DDoS attack forecasting system architecture using Honeynet","authors":"Dongwoo Kwon, J. W. Hong, Hong-Taek Ju","doi":"10.1109/APNOMS.2012.6356055","DOIUrl":null,"url":null,"abstract":"This paper proposes a proactive security system to forecast Distributed Denial of Service (DDoS) attacks. A reactive system focused on detection after network attacks occur has difficulties responding rapidly to massive distributed attacks, such as DDoS. By forecasting the attack, we can take active countermeasures such as strengthening the power of the security devices and it would also enable us to plan a recovery procedure and countermeasures beforehand, providing a more rapid response. In this paper, we discuss previous studies related to intrusion forecasting, define the concept of intrusion forecasting and propose the Internet Intrusion Forecasting System Architecture. To obtain intrusion factors for DDoS attack forecasts, Honeynet was deployed and we analyze Hflow data gathered from Honeynet.","PeriodicalId":385920,"journal":{"name":"2012 14th Asia-Pacific Network Operations and Management Symposium (APNOMS)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 14th Asia-Pacific Network Operations and Management Symposium (APNOMS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/APNOMS.2012.6356055","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 10
Abstract
This paper proposes a proactive security system to forecast Distributed Denial of Service (DDoS) attacks. A reactive system focused on detection after network attacks occur has difficulties responding rapidly to massive distributed attacks, such as DDoS. By forecasting the attack, we can take active countermeasures such as strengthening the power of the security devices and it would also enable us to plan a recovery procedure and countermeasures beforehand, providing a more rapid response. In this paper, we discuss previous studies related to intrusion forecasting, define the concept of intrusion forecasting and propose the Internet Intrusion Forecasting System Architecture. To obtain intrusion factors for DDoS attack forecasts, Honeynet was deployed and we analyze Hflow data gathered from Honeynet.