Abstract
Low-rate attacks can conceal their traffic because they are very much like normal communication. Thus, although a number of volume-based detection techniques that monitor the aggregate or per link traffic load of a network are able to identify anomalies that trigger significant traffic volume changes, they are not applicable to low-rate attacks. Because of this, the problem of low-rate attacks has been attracting many researchers in the community of network security. In this study, we propose for the first time a method based on the normal traffic mode for detecting outbreaks of low-rate attacks. Some behavior-based approaches have been proposed for anomaly detections. They, however, are not able to be used for low-rate attacks. The experimental result indicates our proposal is efficient.
| Translated title of the contribution | A Behavior-based Detection Method for Outbreaks of Low-rate Attacks |
|---|---|
| Original language | Japanese |
| Pages (from-to) | 37-42 |
| Number of pages | 6 |
| Journal | IEICE technical report |
| Volume | 111 |
| Issue number | 495 |
| Publication status | Published - Mar 9 2012 |