{"title":"基于知识的分布式DoS防御模型","authors":"Shui-Sheng Lin, ShunChieh Lin, S. Tseng","doi":"10.1109/CCST.2003.1297569","DOIUrl":null,"url":null,"abstract":"The knowledge-based model is proposed to solve the prediction problem in distributed DoS. There are three phases in this knowledge-based model. The detecting rules and filtering rules are constructed in knowledge construction phase from characteristic analyzer and domain experts. Based upon false negative criterion, the detecting phase use the detecting rules to finds out the control traffic of distributed DoS. However, some false alarms appear because of the similar traffic with control traffic from special services. Therefore, the filtering rules are used to reduce the false alarm rate in filtering phase and detecting phase.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A knowledge-based model for defending distributed DoS\",\"authors\":\"Shui-Sheng Lin, ShunChieh Lin, S. Tseng\",\"doi\":\"10.1109/CCST.2003.1297569\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The knowledge-based model is proposed to solve the prediction problem in distributed DoS. There are three phases in this knowledge-based model. The detecting rules and filtering rules are constructed in knowledge construction phase from characteristic analyzer and domain experts. Based upon false negative criterion, the detecting phase use the detecting rules to finds out the control traffic of distributed DoS. However, some false alarms appear because of the similar traffic with control traffic from special services. Therefore, the filtering rules are used to reduce the false alarm rate in filtering phase and detecting phase.\",\"PeriodicalId\":344868,\"journal\":{\"name\":\"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.\",\"volume\":\"25 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-10-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCST.2003.1297569\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2003.1297569","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A knowledge-based model for defending distributed DoS
The knowledge-based model is proposed to solve the prediction problem in distributed DoS. There are three phases in this knowledge-based model. The detecting rules and filtering rules are constructed in knowledge construction phase from characteristic analyzer and domain experts. Based upon false negative criterion, the detecting phase use the detecting rules to finds out the control traffic of distributed DoS. However, some false alarms appear because of the similar traffic with control traffic from special services. Therefore, the filtering rules are used to reduce the false alarm rate in filtering phase and detecting phase.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
