Pub Date : 2017-07-31DOI: 10.1109/ICC.2017.7996490
Menglan Jiang, M. Condoluci, Toktam Mahmoodi
The 5G mobile network is expected to meet the diverse demands from multiple types of business services. At the same time, some of the 5G use cases come with hard, and often expensive to meet, requirements in terms of latency and bandwidth. It is a common understanding that one system can not fit all and there is a need for customizing network according to the requirements of specific business use cases. Network slicing is introduced to partition the physical network to different slices to be configured for providing different quality of service as requested by the slice' operator and required by the slice' users. Since these slices will be used by the businesses, e.g. verticals, allocating physical resources to the network slices, is not anymore only a matter of performance but also a matter of revenue and business model. In this paper, we address a joint resource and revenue optimization a novel auction based model. Through extensive simulation study, we demonstrate our proposed auction model can allocate network resources to network slices for providing (i) higher satisfaction of requirements per network slice, and (ii) increased network revenue1.
{"title":"Network slicing in 5G: An auction-based model","authors":"Menglan Jiang, M. Condoluci, Toktam Mahmoodi","doi":"10.1109/ICC.2017.7996490","DOIUrl":"https://doi.org/10.1109/ICC.2017.7996490","url":null,"abstract":"The 5G mobile network is expected to meet the diverse demands from multiple types of business services. At the same time, some of the 5G use cases come with hard, and often expensive to meet, requirements in terms of latency and bandwidth. It is a common understanding that one system can not fit all and there is a need for customizing network according to the requirements of specific business use cases. Network slicing is introduced to partition the physical network to different slices to be configured for providing different quality of service as requested by the slice' operator and required by the slice' users. Since these slices will be used by the businesses, e.g. verticals, allocating physical resources to the network slices, is not anymore only a matter of performance but also a matter of revenue and business model. In this paper, we address a joint resource and revenue optimization a novel auction based model. Through extensive simulation study, we demonstrate our proposed auction model can allocate network resources to network slices for providing (i) higher satisfaction of requirements per network slice, and (ii) increased network revenue1.","PeriodicalId":6517,"journal":{"name":"2017 IEEE International Conference on Communications (ICC)","volume":"55 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90976294","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-31DOI: 10.1109/ICC.2017.7997095
Chengxiao Yu, Wei Quan, Shui Yu, Hongke Zhang
Due to the severe environment along the High-Speed Railway (HSR), it is essential to research an efficient HSR communication system. In our previous work, we collected and analyzed an amount of the first hand dataset of signal intensity in HSR networks. We first observed that the link status variation presented an obvious Two-Time-Scale characteristics. However, that work did not analyze the cause of the Two-Time-Scale characteristics clearly. In this work, we focus on the fundamental cause of the periodic Two-Time-Scale characteristics, and make a lot of in-depth studies on this interesting phenomenon. Furthermore, we rebuild Two-Time-Scale characteristics by leveraging the relationship between the link state variation and the geographical position along HSR lines. In particular, considering the distribution of urban areas and rural ones along the HSR, a periodic distance based small time-scale model and a path-loss based large time-scale model are proposed respectively. Simulation results show the proposed models can perfectly explain the Two-Time-Scale characteristics and predict HSR link quality.
{"title":"On the two time scale characteristics of wireless high speed railway networks","authors":"Chengxiao Yu, Wei Quan, Shui Yu, Hongke Zhang","doi":"10.1109/ICC.2017.7997095","DOIUrl":"https://doi.org/10.1109/ICC.2017.7997095","url":null,"abstract":"Due to the severe environment along the High-Speed Railway (HSR), it is essential to research an efficient HSR communication system. In our previous work, we collected and analyzed an amount of the first hand dataset of signal intensity in HSR networks. We first observed that the link status variation presented an obvious Two-Time-Scale characteristics. However, that work did not analyze the cause of the Two-Time-Scale characteristics clearly. In this work, we focus on the fundamental cause of the periodic Two-Time-Scale characteristics, and make a lot of in-depth studies on this interesting phenomenon. Furthermore, we rebuild Two-Time-Scale characteristics by leveraging the relationship between the link state variation and the geographical position along HSR lines. In particular, considering the distribution of urban areas and rural ones along the HSR, a periodic distance based small time-scale model and a path-loss based large time-scale model are proposed respectively. Simulation results show the proposed models can perfectly explain the Two-Time-Scale characteristics and predict HSR link quality.","PeriodicalId":6517,"journal":{"name":"2017 IEEE International Conference on Communications (ICC)","volume":"3 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79717972","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-31DOI: 10.1109/ICC.2017.7997374
Francisco J. Aparicio-Navarro, J. Chambers, K. Kyriakopoulos, Yu Gong, D. Parish
As the complexity of cyber-attacks keeps increasing, new and more robust detection mechanisms need to be developed. The next generation of Intrusion Detection Systems (IDSs) should be able to adapt their detection characteristics based not only on the measureable network traffic, but also on the available highlevel information related to the protected network to improve their detection results. We make use of the Pattern-of-Life (PoL) of a network as the main source of high-level information, which is correlated with the time of the day and the usage of the network resources. We propose the use of a Fuzzy Cognitive Map (FCM) to incorporate the PoL into the detection process. The main aim of this work is to evidence the improved the detection performance of an IDS using an FCM to leverage on network related contextual information. The results that we present verify that the proposed method improves the effectiveness of our IDS by reducing the total number of false alarms; providing an improvement of 9.68% when all the considered metrics are combined and a peak improvement of up to 35.64%, depending on particular metric combination.
{"title":"Using the pattern-of-life in networks to improve the effectiveness of intrusion detection systems","authors":"Francisco J. Aparicio-Navarro, J. Chambers, K. Kyriakopoulos, Yu Gong, D. Parish","doi":"10.1109/ICC.2017.7997374","DOIUrl":"https://doi.org/10.1109/ICC.2017.7997374","url":null,"abstract":"As the complexity of cyber-attacks keeps increasing, new and more robust detection mechanisms need to be developed. The next generation of Intrusion Detection Systems (IDSs) should be able to adapt their detection characteristics based not only on the measureable network traffic, but also on the available highlevel information related to the protected network to improve their detection results. We make use of the Pattern-of-Life (PoL) of a network as the main source of high-level information, which is correlated with the time of the day and the usage of the network resources. We propose the use of a Fuzzy Cognitive Map (FCM) to incorporate the PoL into the detection process. The main aim of this work is to evidence the improved the detection performance of an IDS using an FCM to leverage on network related contextual information. The results that we present verify that the proposed method improves the effectiveness of our IDS by reducing the total number of false alarms; providing an improvement of 9.68% when all the considered metrics are combined and a peak improvement of up to 35.64%, depending on particular metric combination.","PeriodicalId":6517,"journal":{"name":"2017 IEEE International Conference on Communications (ICC)","volume":"68 1","pages":"1-7"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77725769","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-31DOI: 10.1109/ICC.2017.7997240
Kezhi Wang, Kun Yang
With the fast development of the cloud computing and virtualization techniques, computation resources can be allocated more dynamically and scalably on demand. This paper aims to study two types of computing, i.e., service computing and communication computing. We have proposed to have both computing resource in mobile operator's mobile cloud and investigated how to jointly allocate them with the objective of reducing mobile operator's power consumption and meanwhile, improving mobile users' experience. In this paper, we have introduced the computing power minimization problem, which is NP-hard. By applying several transformations and estimations, the problem can be solved by the branch and bound solution. Also, admission control is considered in this paper. Simulation results have shown that the proposed joint resource allocation solution has a very good performance and outperforms the traditional fixed data rate guarantee algorithm.
{"title":"Resource allocation between service computing and communication computing for mobile operator","authors":"Kezhi Wang, Kun Yang","doi":"10.1109/ICC.2017.7997240","DOIUrl":"https://doi.org/10.1109/ICC.2017.7997240","url":null,"abstract":"With the fast development of the cloud computing and virtualization techniques, computation resources can be allocated more dynamically and scalably on demand. This paper aims to study two types of computing, i.e., service computing and communication computing. We have proposed to have both computing resource in mobile operator's mobile cloud and investigated how to jointly allocate them with the objective of reducing mobile operator's power consumption and meanwhile, improving mobile users' experience. In this paper, we have introduced the computing power minimization problem, which is NP-hard. By applying several transformations and estimations, the problem can be solved by the branch and bound solution. Also, admission control is considered in this paper. Simulation results have shown that the proposed joint resource allocation solution has a very good performance and outperforms the traditional fixed data rate guarantee algorithm.","PeriodicalId":6517,"journal":{"name":"2017 IEEE International Conference on Communications (ICC)","volume":"12 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88643221","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-31DOI: 10.1109/ICC.2017.7996737
J. M. Duncan, S. Sharma, S. Chatzinotas, B. Ottersten, Xianbin Wang
Cognitive Radio (CR) communication has been considered as one of the promising technologies to enable dynamic spectrum sharing in the next generation of wireless networks. Among several possible enabling techniques, Spectrum Sensing (SS) is one of the key aspects for enabling opportunistic spectrum access in CR Networks (CRN). From practical perspectives, it is important to design low-complexity wideband CR receiver having low resolution Analog to Digital Converter (ADC) working at a reasonable sampling rate. In this context, this paper proposes a novel spatio-temporal wideband SS technique by employing multiple antennas and one-bit quantization at the CR node, which subsequently enables the use of a reasonable sampling rate. In our analysis, we show that for the same sensing performance requirements, the proposed wideband receiver can have lower power consumption than the conventional CR receiver equipped with a single-antenna and a high-resolution ADC. Furthermore, the proposed technique exploits the spatial dimension by estimating the direction of arrival of Primary User (PU) signals, which is not possible by the conventional SS methods and can be of a significant benefit in a CRN. Moreover, we evaluate the performance of the proposed technique and analyze the effects of one-bit quantization with the help of numerical results.
{"title":"Multi-antenna based one-bit spatio-temporal wideband sensing for cognitive radio networks","authors":"J. M. Duncan, S. Sharma, S. Chatzinotas, B. Ottersten, Xianbin Wang","doi":"10.1109/ICC.2017.7996737","DOIUrl":"https://doi.org/10.1109/ICC.2017.7996737","url":null,"abstract":"Cognitive Radio (CR) communication has been considered as one of the promising technologies to enable dynamic spectrum sharing in the next generation of wireless networks. Among several possible enabling techniques, Spectrum Sensing (SS) is one of the key aspects for enabling opportunistic spectrum access in CR Networks (CRN). From practical perspectives, it is important to design low-complexity wideband CR receiver having low resolution Analog to Digital Converter (ADC) working at a reasonable sampling rate. In this context, this paper proposes a novel spatio-temporal wideband SS technique by employing multiple antennas and one-bit quantization at the CR node, which subsequently enables the use of a reasonable sampling rate. In our analysis, we show that for the same sensing performance requirements, the proposed wideband receiver can have lower power consumption than the conventional CR receiver equipped with a single-antenna and a high-resolution ADC. Furthermore, the proposed technique exploits the spatial dimension by estimating the direction of arrival of Primary User (PU) signals, which is not possible by the conventional SS methods and can be of a significant benefit in a CRN. Moreover, we evaluate the performance of the proposed technique and analyze the effects of one-bit quantization with the help of numerical results.","PeriodicalId":6517,"journal":{"name":"2017 IEEE International Conference on Communications (ICC)","volume":"37 1","pages":"1-7"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84183578","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-31DOI: 10.1109/ICC.2017.7996655
Quoc-Tuan Vien, T. Le, T. Duong
This paper investigates the security at the physical layer in cooperative wireless networks (CWNs) where the data transmission between nodes can be realised via either direct transmission (DT) or relaying transmission (RT) schemes. Inspired by the concept of physical-layer network coding (PNC), a secure PNC-based modify-and-forward (SPMF) is developed to cope with the imperfect shared knowledge of the message modification between relay and destination in the conventional modify-and-forward (MF). In this paper, we first derive the secrecy outage probability (SOP) of the SPMF scheme, which is shown to be a general expression for deriving the SOP of any MF schemes. By comparing the SOPs of various schemes, the usage of the relay is shown to be not always necessary and even causes a poorer performance depending on target secrecy rate and quality of channel links. To this extent, we then propose an opportunistic secure transmission protocol to minimise the SOP of the CWNs. In particular, an optimisation problem is developed in which secrecy rate thresholds (SRTs) are determined to find an optimal scheme among various DT and RT schemes for achieving the lowest SOP. Furthermore, the conditions for the existence of SRTs are derived with respect to various channel conditions to determine if the relay could be relied on in practice.
{"title":"Opportunistic secure transmission for wireless relay networks with modify-and-forward protocol","authors":"Quoc-Tuan Vien, T. Le, T. Duong","doi":"10.1109/ICC.2017.7996655","DOIUrl":"https://doi.org/10.1109/ICC.2017.7996655","url":null,"abstract":"This paper investigates the security at the physical layer in cooperative wireless networks (CWNs) where the data transmission between nodes can be realised via either direct transmission (DT) or relaying transmission (RT) schemes. Inspired by the concept of physical-layer network coding (PNC), a secure PNC-based modify-and-forward (SPMF) is developed to cope with the imperfect shared knowledge of the message modification between relay and destination in the conventional modify-and-forward (MF). In this paper, we first derive the secrecy outage probability (SOP) of the SPMF scheme, which is shown to be a general expression for deriving the SOP of any MF schemes. By comparing the SOPs of various schemes, the usage of the relay is shown to be not always necessary and even causes a poorer performance depending on target secrecy rate and quality of channel links. To this extent, we then propose an opportunistic secure transmission protocol to minimise the SOP of the CWNs. In particular, an optimisation problem is developed in which secrecy rate thresholds (SRTs) are determined to find an optimal scheme among various DT and RT schemes for achieving the lowest SOP. Furthermore, the conditions for the existence of SRTs are derived with respect to various channel conditions to determine if the relay could be relied on in practice.","PeriodicalId":6517,"journal":{"name":"2017 IEEE International Conference on Communications (ICC)","volume":"9 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89043468","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-31DOI: 10.1109/ICC.2017.7996596
Victor Millnert, J. Eker, Enrico Bini
There is a strong industrial drive to use cloud computing technologies and concepts for providing timing sensitive services in the networking domain since it would provide the means to share the physical resources among multiple users and thus increase the elasticity and reduce the costs. In this work, we develop a mathematical model for user-stateless virtual network functions forming a forwarding graph. The model captures uncertainties of the performance of these virtual resources as well as the time-overhead needed to instantiate them. The model is used to derive a service controller for horizontal scaling of the virtual resources as well as an admission controller that guarantees that packets exiting the forwarding graph meet their end-to-end deadline. The Automatic Service and Admission Controller (AutoSAC) developed in this work uses feedback and feedforward making it robust against uncertainties of the underlying infrastructure. Also, it has a fast reaction time to changes in the input.
{"title":"Dynamic control of NFV forwarding graphs with end-to-end deadline constraints","authors":"Victor Millnert, J. Eker, Enrico Bini","doi":"10.1109/ICC.2017.7996596","DOIUrl":"https://doi.org/10.1109/ICC.2017.7996596","url":null,"abstract":"There is a strong industrial drive to use cloud computing technologies and concepts for providing timing sensitive services in the networking domain since it would provide the means to share the physical resources among multiple users and thus increase the elasticity and reduce the costs. In this work, we develop a mathematical model for user-stateless virtual network functions forming a forwarding graph. The model captures uncertainties of the performance of these virtual resources as well as the time-overhead needed to instantiate them. The model is used to derive a service controller for horizontal scaling of the virtual resources as well as an admission controller that guarantees that packets exiting the forwarding graph meet their end-to-end deadline. The Automatic Service and Admission Controller (AutoSAC) developed in this work uses feedback and feedforward making it robust against uncertainties of the underlying infrastructure. Also, it has a fast reaction time to changes in the input.","PeriodicalId":6517,"journal":{"name":"2017 IEEE International Conference on Communications (ICC)","volume":"6 1","pages":"1-7"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73528576","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-31DOI: 10.1109/ICC.2017.7997206
Xuanxuan Tang, Yueming Cai, Wendong Yang, Yu-zhen Huang, T. Duong, Weiwei Yang
This work studies the secrecy outage performance of buffer-aided dual-hop multi-antenna relay systems without eavesdropper's channel state information (CSI). By modeling the dynamic buffer state transitions with the Markov chain, the secrecy outage probability at each state is investigated and the stationary distribution probabilities of all states are subsequently derived. Using the total probability theorem, the closed-form expression of the secrecy outage probability of the system is finally obtained. It demonstrates that due to the fully exploitation of the available channels, the buffer-aided relay selection yields to better performance than Best Relay Selection (BRS), even when less relays and antennas are utilized. It is also shown that the buffer-aided relaying only results in a small performance degradation when the buffers are constrained to finite size, thus can be well applied to practical relaying cooperative networks. Simulation results are given to verify the theoretical analysis.
{"title":"Secrecy outage analysis of buffer-aided multi-antenna relay systems without eavesdropper's CSI","authors":"Xuanxuan Tang, Yueming Cai, Wendong Yang, Yu-zhen Huang, T. Duong, Weiwei Yang","doi":"10.1109/ICC.2017.7997206","DOIUrl":"https://doi.org/10.1109/ICC.2017.7997206","url":null,"abstract":"This work studies the secrecy outage performance of buffer-aided dual-hop multi-antenna relay systems without eavesdropper's channel state information (CSI). By modeling the dynamic buffer state transitions with the Markov chain, the secrecy outage probability at each state is investigated and the stationary distribution probabilities of all states are subsequently derived. Using the total probability theorem, the closed-form expression of the secrecy outage probability of the system is finally obtained. It demonstrates that due to the fully exploitation of the available channels, the buffer-aided relay selection yields to better performance than Best Relay Selection (BRS), even when less relays and antennas are utilized. It is also shown that the buffer-aided relaying only results in a small performance degradation when the buffers are constrained to finite size, thus can be well applied to practical relaying cooperative networks. Simulation results are given to verify the theoretical analysis.","PeriodicalId":6517,"journal":{"name":"2017 IEEE International Conference on Communications (ICC)","volume":"43 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80316013","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-31DOI: 10.1109/ICC.2017.7996627
Yijin Pan, Cunhua Pan, Huiling Zhu, Q. Ahmed, Ming Chen, Jiangzhou Wang
As a promising solution to offload cellular traffic, device-to-device (D2D) communication has been adopted to help disseminate contents. In this paper, the D2D offloading utility is maximized by proposing an optimal content pushing strategy based on the user interests and sharing willingness. Specifically, users are classified into groups by their interest probabilities and carry out D2D communications according to their sharing willingness. Although the formulated optimization problem is nonconvex, the optimal solution is obtained in closed-form by applying Karush-Kuhn-Tucker conditions. The theoretical and simulation results show that more contents should be pushed to the user group that is most willing to share, instead of the group that has the largest number of interested users.
{"title":"Content offloading via D2D communications based on user interests and sharing willingness","authors":"Yijin Pan, Cunhua Pan, Huiling Zhu, Q. Ahmed, Ming Chen, Jiangzhou Wang","doi":"10.1109/ICC.2017.7996627","DOIUrl":"https://doi.org/10.1109/ICC.2017.7996627","url":null,"abstract":"As a promising solution to offload cellular traffic, device-to-device (D2D) communication has been adopted to help disseminate contents. In this paper, the D2D offloading utility is maximized by proposing an optimal content pushing strategy based on the user interests and sharing willingness. Specifically, users are classified into groups by their interest probabilities and carry out D2D communications according to their sharing willingness. Although the formulated optimization problem is nonconvex, the optimal solution is obtained in closed-form by applying Karush-Kuhn-Tucker conditions. The theoretical and simulation results show that more contents should be pushed to the user group that is most willing to share, instead of the group that has the largest number of interested users.","PeriodicalId":6517,"journal":{"name":"2017 IEEE International Conference on Communications (ICC)","volume":"17 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84167537","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-31DOI: 10.1109/ICC.2017.7997376
D. Beckett, S. Sezer, J. McCanny
Distributed Denial of Service (DDoS) attacks targeting the application layer are becoming more prevalent due to a lack of suitable defence solutions. Existing research treats the web server environment as a black box, by only monitoring the edge network traffic; however, we believe that this approach limits the accuracy of the detection system as it does not protect the back-end database servers. In this paper we propose a new sensor located within the back-end system, which can produce additional database features. This allows for real-time insight into the actual database workload caused by each user enabling the detection of DDoS attacks targeting high database consumption resources. These resource metrics are analysed in real-time on a live website, using a decision tree classification engine. Our preliminary results show that a low rate asymmetric attack as low as 1 request every 10 seconds can be detected using these proposed features.
{"title":"New sensing technique for detecting application layer DDoS attacks targeting back-end database resources","authors":"D. Beckett, S. Sezer, J. McCanny","doi":"10.1109/ICC.2017.7997376","DOIUrl":"https://doi.org/10.1109/ICC.2017.7997376","url":null,"abstract":"Distributed Denial of Service (DDoS) attacks targeting the application layer are becoming more prevalent due to a lack of suitable defence solutions. Existing research treats the web server environment as a black box, by only monitoring the edge network traffic; however, we believe that this approach limits the accuracy of the detection system as it does not protect the back-end database servers. In this paper we propose a new sensor located within the back-end system, which can produce additional database features. This allows for real-time insight into the actual database workload caused by each user enabling the detection of DDoS attacks targeting high database consumption resources. These resource metrics are analysed in real-time on a live website, using a decision tree classification engine. Our preliminary results show that a low rate asymmetric attack as low as 1 request every 10 seconds can be detected using these proposed features.","PeriodicalId":6517,"journal":{"name":"2017 IEEE International Conference on Communications (ICC)","volume":"255 1","pages":"1-7"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76885000","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: