A reversible sketch-based method for detecting and mitigating amplification attacks

Tutkimustuotos: Lehtiartikkelivertaisarvioitu

Standard

A reversible sketch-based method for detecting and mitigating amplification attacks. / Jing, Xuyang; Zhao, Jingjing; Zheng, Qinghua; Yan, Zheng; Pedrycz, Witold.

julkaisussa: Journal of Network and Computer Applications, Vuosikerta 142, 15.09.2019, s. 15-24.

Tutkimustuotos: Lehtiartikkelivertaisarvioitu

Harvard

APA

Vancouver

Author

Jing, Xuyang ; Zhao, Jingjing ; Zheng, Qinghua ; Yan, Zheng ; Pedrycz, Witold. / A reversible sketch-based method for detecting and mitigating amplification attacks. Julkaisussa: Journal of Network and Computer Applications. 2019 ; Vuosikerta 142. Sivut 15-24.

Bibtex - Lataa

@article{62afeb7686fe49668429e9d0e67318d1,
title = "A reversible sketch-based method for detecting and mitigating amplification attacks",
abstract = "Amplification attacks bring serious threats to network security due to their characteristics of anonymity and amplification. How to detect amplification attacks attracts more and more attention. However, as the age of networking for big data is coming, traditional amplification attack detection methods become inefficient due to the impact of big-volume network traffic that swamp significant signals of attacks. The premise of accurate effective attack detection is efficiently processing big-volume traffic. In this paper, we propose a meaningful work that applies sketch technique to detect and mitigate amplification attacks. This step enables the detection method to handle big-volume network traffic. We use a Chinese Reminder Theorem based Reversible Sketch to directly collect network traffic and then monitor the abrupt changes in one-to-one mapping between request packets and response packets to identify amplification attack traffic. The detection mechanism is robust and efficient since it does not need to record complicated traffic features and makes full use of the basic characteristic of amplification attacks. We examine the performance of our method through a series of experiments conducted on simulation and real world traffic. The results denote that the method can accurately detect and mitigate amplification attacks.",
keywords = "Amplification attacks, Bloom filter, Chinese remainder theorem, Network security, Reversible sketch",
author = "Xuyang Jing and Jingjing Zhao and Qinghua Zheng and Zheng Yan and Witold Pedrycz",
year = "2019",
month = "9",
day = "15",
doi = "10.1016/j.jnca.2019.06.007",
language = "English",
volume = "142",
pages = "15--24",
journal = "Journal of Network and Computer Applications",
issn = "1084-8045",
publisher = "Academic Press Inc.",

}

RIS - Lataa

TY - JOUR

T1 - A reversible sketch-based method for detecting and mitigating amplification attacks

AU - Jing, Xuyang

AU - Zhao, Jingjing

AU - Zheng, Qinghua

AU - Yan, Zheng

AU - Pedrycz, Witold

PY - 2019/9/15

Y1 - 2019/9/15

N2 - Amplification attacks bring serious threats to network security due to their characteristics of anonymity and amplification. How to detect amplification attacks attracts more and more attention. However, as the age of networking for big data is coming, traditional amplification attack detection methods become inefficient due to the impact of big-volume network traffic that swamp significant signals of attacks. The premise of accurate effective attack detection is efficiently processing big-volume traffic. In this paper, we propose a meaningful work that applies sketch technique to detect and mitigate amplification attacks. This step enables the detection method to handle big-volume network traffic. We use a Chinese Reminder Theorem based Reversible Sketch to directly collect network traffic and then monitor the abrupt changes in one-to-one mapping between request packets and response packets to identify amplification attack traffic. The detection mechanism is robust and efficient since it does not need to record complicated traffic features and makes full use of the basic characteristic of amplification attacks. We examine the performance of our method through a series of experiments conducted on simulation and real world traffic. The results denote that the method can accurately detect and mitigate amplification attacks.

AB - Amplification attacks bring serious threats to network security due to their characteristics of anonymity and amplification. How to detect amplification attacks attracts more and more attention. However, as the age of networking for big data is coming, traditional amplification attack detection methods become inefficient due to the impact of big-volume network traffic that swamp significant signals of attacks. The premise of accurate effective attack detection is efficiently processing big-volume traffic. In this paper, we propose a meaningful work that applies sketch technique to detect and mitigate amplification attacks. This step enables the detection method to handle big-volume network traffic. We use a Chinese Reminder Theorem based Reversible Sketch to directly collect network traffic and then monitor the abrupt changes in one-to-one mapping between request packets and response packets to identify amplification attack traffic. The detection mechanism is robust and efficient since it does not need to record complicated traffic features and makes full use of the basic characteristic of amplification attacks. We examine the performance of our method through a series of experiments conducted on simulation and real world traffic. The results denote that the method can accurately detect and mitigate amplification attacks.

KW - Amplification attacks

KW - Bloom filter

KW - Chinese remainder theorem

KW - Network security

KW - Reversible sketch

UR - http://www.scopus.com/inward/record.url?scp=85067275359&partnerID=8YFLogxK

U2 - 10.1016/j.jnca.2019.06.007

DO - 10.1016/j.jnca.2019.06.007

M3 - Article

VL - 142

SP - 15

EP - 24

JO - Journal of Network and Computer Applications

JF - Journal of Network and Computer Applications

SN - 1084-8045

ER -

ID: 34949134