Name
Abstract | ||
|---|---|---|
Global-scale attacks like viruses and worms are increasing in frequency, severity and sophistication, making it critical to detect outbursts at routers/gateways instead of end hosts. In this paper we leverage data streaming techniques such as the reversible sketch to obtain HiFIND, a High-speed Flow-level Intrusion Detection system. In contrast to existing intrusion detection systems, HiFIND I ) is scalable to flow-level detection on high-speed networks; 2) zs DoS resilient; 3) can distinguish SYN flooding and various port scans (mostly for worm propagation) for effective mitigation; 4 ) enables aggregate detection over multiple routers/gateways; and 5) separates anomalies to limit false positives in detection. Both theoretical analysis and evaluation with several router traces show that HiFIND achieves these properties. To the best of our knowledge, HiFIND is the first online DoS resilient flow-level intrusion detection system for high-speed networks (approximately 10s of Gigabit/second), even for the worst case trafic of 40-byte-packet streams with each packet forming a flow. |
Year | DOI | Venue |
|---|---|---|
2006 | 10.1109/ICDCS.2006.6 | ICDCS |
Keywords | Field | DocType |
high-speed network,intrusion detection,zs dos,data streaming,intrusion detection system,high-speed networks,global-scale attack,statistical detection,40-byte-packet stream,detection approach,packet forming a ow. key words: high-speed networking,multiple routers,dos resilient flow-level intrusion,existing intrusion detection system,aggregate detection,online dos resilient flow-level,high-speed flow-level intrusion detection,routing,hardware,bandwidth,frequency,false positive,scalability | Gigabit,Host-based intrusion detection system,Computer science,Network packet,Computer network,Bandwidth (signal processing),Router,SYN flood,Intrusion detection system,Scalability | Conference |
ISSN | ISBN | Citations |
1063-6927 | 0-7695-2540-7 | 28 |
PageRank | References | Authors |
1.24 | 8 | 3 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Yan Gao | 1 | 197 | 10.54 |
| Zhichun Li | 2 | 814 | 41.48 |
| Yan Chen | 3 | 3842 | 220.64 |