A reversible sketch-based method for detecting and mitigating amplification attacks
No Thumbnail Available
Access rights
openAccess
Journal Title
Journal ISSN
Volume Title
A1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä
This publication is imported from Aalto University research portal.
View publication in the Research portal
View/Open full text file from the Research portal
Other link related to publication
View publication in the Research portal
View/Open full text file from the Research portal
Other link related to publication
Date
2019-09-15
Major/Subject
Mcode
Degree programme
Language
en
Pages
10
15-24
15-24
Series
Journal of Network and Computer Applications, Volume 142
Abstract
Amplification attacks bring serious threats to network security due to their characteristics of anonymity and amplification. How to detect amplification attacks attracts more and more attention. However, as the age of networking for big data is coming, traditional amplification attack detection methods become inefficient due to the impact of big-volume network traffic that swamp significant signals of attacks. The premise of accurate effective attack detection is efficiently processing big-volume traffic. In this paper, we propose a meaningful work that applies sketch technique to detect and mitigate amplification attacks. This step enables the detection method to handle big-volume network traffic. We use a Chinese Reminder Theorem based Reversible Sketch to directly collect network traffic and then monitor the abrupt changes in one-to-one mapping between request packets and response packets to identify amplification attack traffic. The detection mechanism is robust and efficient since it does not need to record complicated traffic features and makes full use of the basic characteristic of amplification attacks. We examine the performance of our method through a series of experiments conducted on simulation and real world traffic. The results denote that the method can accurately detect and mitigate amplification attacks.Description
Keywords
Amplification attacks, Bloom filter, Chinese remainder theorem, Network security, Reversible sketch
Other note
Citation
Jing , X , Zhao , J , Zheng , Q , Yan , Z & Pedrycz , W 2019 , ' A reversible sketch-based method for detecting and mitigating amplification attacks ' , Journal of Network and Computer Applications , vol. 142 , pp. 15-24 . https://doi.org/10.1016/j.jnca.2019.06.007