Authors: Ragav Venkatesan, D. Devi, R. Keerthana, A. Kumar
Published in: 2018 IEEE International Conference on System, Computation, Automation and Networking (ICSCA), 2018-07-01
DOI: 10.1109/ICSCAN.2018.8541174 (https://doi.org/10.1109/ICSCAN.2018.8541174)
A NOVEL APPROACH FOR DETECTING DDoS ATTACK IN H-IDS USING ASSOCIATION RULE
Across the globe, companies are moving towards data security and data protection. Preventive measures are taken to secure their databases from intruders. As information and data security technology advances rapidly, intruders in turn use various techniques to exploit data. A Distributed Denial of Service (DDoS) attack is used to override the security of a targeted system: the attacker seeks to make a terminal temporarily unavailable to its authorized users by sending "n" number of packets over the network. The triggered DDoS attack interrupts normal operation in the network and prevents legitimate users from accessing the machine. Simply put, the DDoS floods the targeted machine so that it cannot perform any further actions. This study is conducted to detect DDoS attacks in OSSEC HIDS and to identify effective measures to decrease the false positive rate. "OSSEC (HIDS)"[1] has a centralized, cross-platform design that enables different systems to be easily monitored and managed and makes the recorded logs simple to obtain. The extracted report was analyzed with "ASSOCIATION RULE" using the Weka open source tool.