RISS 학술연구정보서비스

검색
다국어 입력

http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.

변환된 중국어를 복사하여 사용하시면 됩니다.

예시)
  • 中文 을 입력하시려면 zhongwen을 입력하시고 space를누르시면됩니다.
  • 北京 을 입력하시려면 beijing을 입력하시고 space를 누르시면 됩니다.
닫기
    인기검색어 순위 펼치기

    RISS 인기검색어

      SCIE SCOPUS KCI등재

      Vulnerable Path Attack and its Detection = Vulnerable Path Attack and its Detection

      한글로보기

      https://www.riss.kr/link?id=A103334554

      • 0

        상세조회
      • 0

        다운로드
      서지정보 열기
      • 내보내기
      • 내책장담기
      • 공유하기
      • 오류접수

      부가정보

      다국어 초록 (Multilingual Abstract)

      Application-layer Distributed Denial-of-Service (DDoS) attack is one of the leading security problems in the Internet. In recent years, the attack strategies of application-layer DDoS have rapidly developed. This paper introduces a new attack strategy named Path Vulnerabilities-Based (PVB) attack. In this attack strategy, an attacker first analyzes the contents of web pages and subsequently measures the actual response time of each webpage to build a web-resource-weighted-directed graph. The attacker uses a Top M Longest Path algorithm to find M DDoS vulnerable paths that consume considerable resources when sequentially accessing the pages following any of those paths. A detection mechanism for such attack is also proposed and discussed. A finite-state machine is used to model the dynamical processes for the state of the user`s session and monitor the PVB attacks. Numerical results based on real-traffic simulations reveal the efficiency of the attack strategy and the detection mechanism.
      번역하기

      Application-layer Distributed Denial-of-Service (DDoS) attack is one of the leading security problems in the Internet. In recent years, the attack strategies of application-layer DDoS have rapidly developed. This paper introduces a new attack strategy...

      Application-layer Distributed Denial-of-Service (DDoS) attack is one of the leading security problems in the Internet. In recent years, the attack strategies of application-layer DDoS have rapidly developed. This paper introduces a new attack strategy named Path Vulnerabilities-Based (PVB) attack. In this attack strategy, an attacker first analyzes the contents of web pages and subsequently measures the actual response time of each webpage to build a web-resource-weighted-directed graph. The attacker uses a Top M Longest Path algorithm to find M DDoS vulnerable paths that consume considerable resources when sequentially accessing the pages following any of those paths. A detection mechanism for such attack is also proposed and discussed. A finite-state machine is used to model the dynamical processes for the state of the user`s session and monitor the PVB attacks. Numerical results based on real-traffic simulations reveal the efficiency of the attack strategy and the detection mechanism.

      더보기

      참고문헌 (Reference)

      1 H.S.Kang, "sShield: small DDoS defense system using RIP-based traffic deflection in autonomous system" 67 (67): 820-836, 2014

      2 M.K Yoon, "Using Whitelisting to Mitigate DDoS Attacks on Critical Internet Sites" 48 (48): 110-115, 2010

      3 N.A. Mohammed, "Uniform DoS traceback" 45 (45): 17-26, 2014

      4 K. Ioannidou, "The longest path problem has a polynomial solution on interval graphs" 61 (61): 320-341, 2011

      5 H. Beitollahi, "Tackling Application-layer DDoS Attacks" 10 (10): 432-441, 2012

      6 I.C. Paschalidis, "Spatio-Temporal Network Anomaly Detection by Assessing Deviations of Empirical Measures" 17 (17): 685-697, 2009

      7 V. Durcekova, "Sophisticated Denial of Service attacks aimed at application layer" ELEKTRO 55-60, 2012

      8 S.N. Shiaeles, "Real time DDoS detection using fuzzy estimators" 31 (31): 782-790, 2012

      9 A. Ramamoorthi, "Real Time Detection and Classification of DDoS Attacks using Enhanced SVM with String Kernels" ICRTIT 91-96, 2011

      10 C.Y. Chou, "Proactive Surge Protection: A Defense Mechanism for Bandwidth-Based Attacks" 17 (17): 1711-1723, 2009

      1 H.S.Kang, "sShield: small DDoS defense system using RIP-based traffic deflection in autonomous system" 67 (67): 820-836, 2014

      2 M.K Yoon, "Using Whitelisting to Mitigate DDoS Attacks on Critical Internet Sites" 48 (48): 110-115, 2010

      3 N.A. Mohammed, "Uniform DoS traceback" 45 (45): 17-26, 2014

      4 K. Ioannidou, "The longest path problem has a polynomial solution on interval graphs" 61 (61): 320-341, 2011

      5 H. Beitollahi, "Tackling Application-layer DDoS Attacks" 10 (10): 432-441, 2012

      6 I.C. Paschalidis, "Spatio-Temporal Network Anomaly Detection by Assessing Deviations of Empirical Measures" 17 (17): 685-697, 2009

      7 V. Durcekova, "Sophisticated Denial of Service attacks aimed at application layer" ELEKTRO 55-60, 2012

      8 S.N. Shiaeles, "Real time DDoS detection using fuzzy estimators" 31 (31): 782-790, 2012

      9 A. Ramamoorthi, "Real Time Detection and Classification of DDoS Attacks using Enhanced SVM with String Kernels" ICRTIT 91-96, 2011

      10 C.Y. Chou, "Proactive Surge Protection: A Defense Mechanism for Bandwidth-Based Attacks" 17 (17): 1711-1723, 2009

      11 S. McGregory, "Preparing for the next DDoS attack" 2013 (2013): 5-6, 2013

      12 Y. Xie, "Monitoring the application-layer DDoS attacks for popular website" 17 (17): 15-25, 2009

      13 SpiderLabs, "ModSecutity"

      14 Y.Xiang, "Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics" 6 (6): 426-437, 2011

      15 D. Hayes, "Improving HTTP performance using `stateless’ TCP" 57-62, 2011

      16 A. Alvarez-Alvarez, "Human Gait Modeling Using a Genetic Fuzzy Finite State Machine" 20 (20): 205-223, 2012

      17 C. Cattani, "Harmonic Wavelet Approximation of Random, Fractal and High Frequency Signals" 43 (43): 207-217, 2010

      18 J. Jung, "Flash crowds and denial of service attacks: Characterization and implications for CDNs and websites" ACM 293-304, 2002

      19 D. Gavrilis, "Flash Crowd Detection Using Decoy Hyperlinks" 466-470, 2007

      20 남승엽, "Defending HTTP Web Servers against DDoS Attacks through Busy Period-based Attack Flow Detection" 한국인터넷정보학회 8 (8): 2512-2531, 2014

      21 A. Raghunath, "Data rate based adaptive thread assignment solution for combating the SlowPOST denial of service attack" 38 (38): 1-5, 2013

      22 S. Ranjan, "DDoS-Shield: DDoS-Resilient Scheduling to Counter Application Layer Attacks" 17 (17): 26-39, 2009

      23 K. Sourav, "DDoS detection and defense: client termination approach" 749-752, 2012

      24 J. Nazario, "DDoS attack evolution" 2008 (2008): 7-10, 2008

      25 F. Simmross-Wattenberg, "Anomaly Detection in Network Traffic Based on Statistical Inference and α-Stable Modeling" 8 (8): 494-509, 2011

      더보기

      동일학술지(권/호) 다른 논문

      분석정보

      View

      상세정보조회

      0

      Usage

      원문다운로드

      0

      대출신청

      0

      복사신청

      0

      EDDS신청

      0

      동일 주제 내 활용도 TOP

      더보기

      주제

      연도별 연구동향

      연도별 활용동향

      연관논문

      연구자 네트워크맵

      공동연구자 (7)

      유사연구자 (20) 활용도상위20명

      인용정보 인용지수 설명보기

      학술지 이력

      학술지 이력
      연월일 이력구분 이력상세 등재구분
      학술지등록 한글명 : KSII Transactions on Internet and Information Systems
      외국어명 : KSII Transactions on Internet and Information Systems
      2023 평가예정 해외DB학술지평가 신청대상 (해외등재 학술지 평가)
      2020-01-01 평가 등재학술지 유지 (해외등재 학술지 평가) KCI등재
      2013-10-01 평가 등재학술지 선정 (기타) KCI등재
      2011-01-01 평가 등재후보학술지 유지 (기타) KCI등재후보
      2009-01-01 평가 SCOPUS 등재 (신규평가) KCI등재후보
      더보기

      학술지 인용정보

      학술지 인용정보
      기준연도 WOS-KCI 통합IF(2년) KCIF(2년) KCIF(3년)
      2016 0.45 0.21 0.37
      KCIF(4년) KCIF(5년) 중심성지수(3년) 즉시성지수
      0.32 0.29 0.244 0.03
      더보기

      이 자료와 함께 이용한 RISS 자료

      나만을 위한 추천자료

      해외이동버튼