A reversible sketch-based method for detecting and mitigating amplification attacks

Simple item page
dc.contributorAalto-yliopistofi
dc.contributorAalto Universityen
dc.contributor.authorJing, Xuyangen_US
dc.contributor.authorZhao, Jingjingen_US
dc.contributor.authorZheng, Qinghuaen_US
dc.contributor.authorYan, Zhengen_US
dc.contributor.authorPedrycz, Witolden_US
dc.contributor.departmentDepartment of Communications and Networkingen
dc.contributor.groupauthorNetwork Security and Trusten
dc.contributor.organizationXidian Universityen_US
dc.contributor.organizationXi'an Jiaotong Universityen_US
dc.contributor.organizationUniversity of Albertaen_US
dc.date.accessioned2019-08-15T08:23:41Z
dc.date.available2019-08-15T08:23:41Z
dc.date.embargoinfo:eu-repo/date/embargoEnd/2021-06-18en_US
dc.date.issued2019-09-15en_US
dc.description.abstractAmplification attacks bring serious threats to network security due to their characteristics of anonymity and amplification. How to detect amplification attacks attracts more and more attention. However, as the age of networking for big data is coming, traditional amplification attack detection methods become inefficient due to the impact of big-volume network traffic that swamp significant signals of attacks. The premise of accurate effective attack detection is efficiently processing big-volume traffic. In this paper, we propose a meaningful work that applies sketch technique to detect and mitigate amplification attacks. This step enables the detection method to handle big-volume network traffic. We use a Chinese Reminder Theorem based Reversible Sketch to directly collect network traffic and then monitor the abrupt changes in one-to-one mapping between request packets and response packets to identify amplification attack traffic. The detection mechanism is robust and efficient since it does not need to record complicated traffic features and makes full use of the basic characteristic of amplification attacks. We examine the performance of our method through a series of experiments conducted on simulation and real world traffic. The results denote that the method can accurately detect and mitigate amplification attacks.en
dc.description.versionPeer revieweden
dc.format.extent10
dc.format.mimetypeapplication/pdfen_US
dc.identifier.citationJing, X, Zhao, J, Zheng, Q, Yan, Z & Pedrycz, W 2019, 'A reversible sketch-based method for detecting and mitigating amplification attacks', Journal of Network and Computer Applications, vol. 142, pp. 15-24. https://doi.org/10.1016/j.jnca.2019.06.007en
dc.identifier.doi10.1016/j.jnca.2019.06.007en_US
dc.identifier.issn1084-8045
dc.identifier.issn1095-8592
dc.identifier.otherPURE UUID: 62afeb76-86fe-4966-8429-e9d0e67318d1en_US
dc.identifier.otherPURE ITEMURL: https://research.aalto.fi/en/publications/62afeb76-86fe-4966-8429-e9d0e67318d1en_US
dc.identifier.otherPURE LINK: http://www.scopus.com/inward/record.url?scp=85067275359&partnerID=8YFLogxK
dc.identifier.otherPURE FILEURL: https://research.aalto.fi/files/35822738/ELEC_Jing_Reversible_sketch_based_JNCA.pdfen_US
dc.identifier.urihttps://aaltodoc.aalto.fi/handle/123456789/39682
dc.identifier.urnURN:NBN:fi:aalto-201908154727
dc.language.isoenen
dc.publisherElsevier
dc.relation.ispartofseriesJournal of Network and Computer Applicationsen
dc.relation.ispartofseriesVolume 142, pp. 15-24en
dc.rightsopenAccessen
dc.subject.keywordAmplification attacksen_US
dc.subject.keywordBloom filteren_US
dc.subject.keywordChinese remainder theoremen_US
dc.subject.keywordNetwork securityen_US
dc.subject.keywordReversible sketchen_US
dc.titleA reversible sketch-based method for detecting and mitigating amplification attacksen
dc.typeA1 Alkuperäisartikkeli tieteellisessä aikakauslehdessäfi
dc.type.versionacceptedVersion

Files

Collections

[article-cris] Sähkötekniikan korkeakoulu / ELEC