利用NTOPNG设计DDoS攻击检测器

2016 International Workshop on Big Data and Information Security (IWBIS) Pub Date : 2016-10-01 DOI:10.1109/IWBIS.2016.7872903

G. Jati, Budi Hartadi, A. Putra, Fahri Nurul, M. Iqbal, S. Yazid

{"title":"利用NTOPNG设计DDoS攻击检测器","authors":"G. Jati, Budi Hartadi, A. Putra, Fahri Nurul, M. Iqbal, S. Yazid","doi":"10.1109/IWBIS.2016.7872903","DOIUrl":null,"url":null,"abstract":"Distributed Denial of Service (DDoS) is one kind of attacks using multiple computers. An attacker would act as a fake service requester that drains resources in computer target. This makes the target cannot serve the real request service. Thus we need to develop DDoS detector system. The proposed system consists of traffic capture, packet analyzer, and packet displayer. The system utilizes Ntopng as main traffic analyzer. Detector system has to meet good standard in accuracy, sensitivity, and reliability. We evaluate the system using one of dangerous DDoS tool named Slowloris. The system can detect attacks and provide alerts to detector user. The system also can process all incoming packets with a small margin of error (0.76%).","PeriodicalId":193821,"journal":{"name":"2016 International Workshop on Big Data and Information Security (IWBIS)","volume":"76 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Design DDoS attack detector using NTOPNG\",\"authors\":\"G. Jati, Budi Hartadi, A. Putra, Fahri Nurul, M. Iqbal, S. Yazid\",\"doi\":\"10.1109/IWBIS.2016.7872903\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Distributed Denial of Service (DDoS) is one kind of attacks using multiple computers. An attacker would act as a fake service requester that drains resources in computer target. This makes the target cannot serve the real request service. Thus we need to develop DDoS detector system. The proposed system consists of traffic capture, packet analyzer, and packet displayer. The system utilizes Ntopng as main traffic analyzer. Detector system has to meet good standard in accuracy, sensitivity, and reliability. We evaluate the system using one of dangerous DDoS tool named Slowloris. The system can detect attacks and provide alerts to detector user. The system also can process all incoming packets with a small margin of error (0.76%).\",\"PeriodicalId\":193821,\"journal\":{\"name\":\"2016 International Workshop on Big Data and Information Security (IWBIS)\",\"volume\":\"76 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 International Workshop on Big Data and Information Security (IWBIS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IWBIS.2016.7872903\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 International Workshop on Big Data and Information Security (IWBIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IWBIS.2016.7872903","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

分布式拒绝服务(DDoS)是一种使用多台计算机的攻击。攻击者将充当一个虚假的服务请求者，消耗目标计算机中的资源。这使得目标无法提供真正的请求服务。因此，我们需要开发DDoS检测系统。该系统由流量捕获、数据包分析和数据包显示三部分组成。系统采用Ntopng作为主要流量分析器。检测系统在精度、灵敏度、可靠性等方面都达到了较好的要求。我们使用一种名为Slowloris的危险DDoS工具对系统进行评估。该系统可以检测到攻击并向检测用户提供警报。系统还可以处理所有传入的数据包，误差很小(0.76%)。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Design DDoS attack detector using NTOPNG

Distributed Denial of Service (DDoS) is one kind of attacks using multiple computers. An attacker would act as a fake service requester that drains resources in computer target. This makes the target cannot serve the real request service. Thus we need to develop DDoS detector system. The proposed system consists of traffic capture, packet analyzer, and packet displayer. The system utilizes Ntopng as main traffic analyzer. Detector system has to meet good standard in accuracy, sensitivity, and reliability. We evaluate the system using one of dangerous DDoS tool named Slowloris. The system can detect attacks and provide alerts to detector user. The system also can process all incoming packets with a small margin of error (0.76%).

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 International Workshop on Big Data and Information Security (IWBIS)

自引率

0.00%

发文量

期刊最新文献

Advancing public health genomics Overview of research center for information technology innovation in Taiwan Academia Sinica A survey of whole genome alignment tools and frameworks based on Hadoop's MapReduce Design and implementation of merchant acquirer data warehouse at PT. XYZ Spatial data mining for predicting of unobserved zinc pollutant using ordinary point Kriging