Anomaly detection and response approach based on mapping requests
文献类型:期刊论文
| 作者 | Wan M(万明) ; Zhang, Hong-Ke; Wu, Tin-Yu; Lo, Chi-Hsiang
|
| 刊名 | Security and Communication Networks
 |
| 出版日期 | 2014 |
| 卷号 | 7期号:12页码:2277-2292 |
| 关键词 | locator/identifier separation anomaly detection and response cumulative sum mapping request threshold algorithm |
| ISSN号 | 1939-0114 |
| 产权排序 | 1 |
| 通讯作者 | Wu, Tin-Yu |
| 中文摘要 | There is an increasing consensus that the locator/identifier separation of IP address is necessary to resolve the scalability issues of current Internet routing architecture. After identifiers are separated from locators, an identifier-to-locator mapping service must be employed to map identifiers onto locators. From this point, this paper proposes an anomaly detection and response approach based on mapping requests. By using the cumulative sum algorithm for change point detection, this approach introduces the anomalous traffic detection of mapping requests to diagnose the aberrant network behaviors. Once alarming, two effective response methods can be chosen to control the anomalous attack traffic in real time. Furthermore, in order to decouple the mapping request traffic from the mapping cache, this approach not only takes into account the mapping cache timeout but also puts forward a practical mapping request threshold algorithm. In particular, our simulation results show that, compared with the anomaly detection approach based on network traffic, the proposed approach is more advantageous and efficient. In addition, we also discuss the possible false positive and false negative problems, which may be caused by some accidental phenomena. |
| WOS标题词 | Science & Technology ; Technology |
| 类目[WOS] | Computer Science, Information Systems ; Telecommunications |
| 研究领域[WOS] | Computer Science ; Telecommunications |
| 收录类别 | SCI ; EI |
| 语种 | 英语 |
| WOS记录号 | WOS:000345633500004 |
| 公开日期 | 2014-12-29 |
| 源URL | [http://ir.sia.cn/handle/173321/15442]  |
| 专题 | 沈阳自动化研究所_工业控制网络与系统研究室 |
| 推荐引用方式 GB/T 7714 | Wan M,Zhang, Hong-Ke,Wu, Tin-Yu,et al. Anomaly detection and response approach based on mapping requests[J]. Security and Communication Networks,2014,7(12):2277-2292. |
| APA | Wan M,Zhang, Hong-Ke,Wu, Tin-Yu,&Lo, Chi-Hsiang.(2014).Anomaly detection and response approach based on mapping requests.Security and Communication Networks,7(12),2277-2292. |
| MLA | Wan M,et al."Anomaly detection and response approach based on mapping requests".Security and Communication Networks 7.12(2014):2277-2292. |
入库方式: OAI收割
来源:沈阳自动化研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。