Yudha Purwanto, Kuspriyanto, Hendrawan, B. Rahardjo
Published in: 2017 3rd International Conference on Wireless and Telematics (ICWT), 2017-07-27. DOI: 10.1109/ICWT.2017.8284138 (https://doi.org/10.1109/ICWT.2017.8284138). Citation count: 2. Source: Semanticscholar.
Multistage process to decrease processing time in intrusion prevention system
Distributed Denial of Service (DDoS) attacks are growing larger as internet technology and scale advance. Traffic anomaly-based Intrusion Detection/Prevention Systems (IDS/IPS) have been proposed for their capability to detect DDoS attacks. Unfortunately, the anomaly detection algorithm is limited to detecting the existence of an attack. To determine the type of attack, the system must employ a multiclass classification algorithm. However, the complexity of a distance-based classification algorithm is always higher than that of a detection algorithm. This research views the IPS as one integrated sequence of detection, classification, and prevention processes. We propose a multi-stage IPS that uses distance-based anomaly detection analysis in the first stage and classification analysis in later stages. The simulation results show lower processing time for the IPS, with the capability of choosing a specific action for a specific type of DDoS attack.