TY - GEN
T1 - A proposal for detecting distributed cyber-attacks using automatic thresholding
AU - Feng, Yaokai
AU - Hori, Yoshiaki
AU - Sakurai, Kouichi
N1 - Funding Information:
This work was partially supported by Proactive Response Against Cyber-attacks Through International Collaborative Exchange (PRACTICE), Ministry of Internal Affairs and Communications, Japan. The first author was also partly supported by Grant-in-aid for Scientific Research (C) No. 25330131, Japan Society for the Promotion of Science. The authors would like to express their gratitude to NICT [25] for providing the darknet traffic data for this study.
Publisher Copyright:
© 2015 IEEE.
PY - 2015
Y1 - 2015
N2 - Distributed attacks have reportedly caused the most serious losses in the modern cyber environment. Thus, how to avoid and detect distributed attacks has become one of the most important topics in the cyber security community. Of the many approaches for avoiding and detecting cyber-attacks, behavior-based methods have been attracting great attention from many researchers and developers. It is well known that, for behavior-based cyber-attack detection, the algorithm for extracting normal modes from historic traffic is critically important. In this paper, after the newest algorithms for extracting normal behavior modes from historic traffic are discussed, a novel algorithm is proposed. Its efficiency is examined by experiments using darknet traffic data.
UR - http://www.scopus.com/inward/record.url?scp=84964655239&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84964655239&partnerID=8YFLogxK
U2 - 10.1109/AsiaJCIS.2015.22
DO - 10.1109/AsiaJCIS.2015.22
M3 - Conference contribution
AN - SCOPUS:84964655239
T3 - Proceedings - 2015 10th Asia Joint Conference on Information Security, AsiaJCIS 2015
SP - 152
EP - 159
BT - Proceedings - 2015 10th Asia Joint Conference on Information Security, AsiaJCIS 2015
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 10th Asia Joint Conference on Information Security, AsiaJCIS 2015
Y2 - 24 May 2015 through 26 May 2015
ER -