5 research outputs found
Flooding attacks to internet threat monitors (ITM): Modeling and counter measures using botnet and honeypots
The Internet Threat Monitoring (ITM),is a globally scoped Internet monitoring
system whose goal is to measure, detect, characterize, and track threats such
as distribute denial of service(DDoS) attacks and worms. To block the
monitoring system in the internet the attackers are targeted the ITM system. In
this paper we address flooding attack against ITM system in which the attacker
attempt to exhaust the network and ITM's resources, such as network bandwidth,
computing power, or operating system data structures by sending the malicious
traffic. We propose an information-theoretic frame work that models the
flooding attacks using Botnet on ITM. Based on this model we generalize the
flooding attacks and propose an effective attack detection using Honeypots
Modeling and Counter Measures of Flooding Attacks to Internet Threat Monitors (ITM): Using Botnet and Group-Testing approach
The Internet Threat Monitoring (ITM),is a globally scoped Internet monitoring system whose goal is to measure, detect, characterize, and track threats such as distribute denial of service(DDoS) attacks and worms. To block the monitoring system in the internet the attackers are targeted the ITM system. In this paper we address flooding attack against ITM system in which the attacker attempt to exhaust the network and ITM2019;s resources, such as network bandwidth, computing power, or operating system data structures by sending the malicious traffic. We propose an information-theoretic frame work that models the flooding attacks using Botnet on ITM.we propose a novel group testing (GT)-based approach deployed on back-end servers, which not only offers a theoretical method to obtain short detection delay and low false positive/negative rate, but also provides an underlying framework against general network attacks