PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks
Nenhuma Miniatura disponível
Data
2014-01-01
Autores
Silva, Anderson [UNESP]
Pontes, Elvis
Zhou, Fen
Guelft, Adilson
Kofuji, Sergio
IEEE
Título da Revista
ISSN da Revista
Título de Volume
Editor
Ieee
Resumo
Burst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today's computer networks, causing millions of losses to the society. Even though the detection of burst attacks is widely investigated, there is a gap in the academic literature regarding the predicting models for anticipating such security issue. As the frequency of bursts depends on the behavior of the attackers, it is hard to determine the exact moment when a burst starts. In this paper we propose a new model for aggregating peaks of a burst - specifically for the brute force attack - at a single point called One Point Analysis (OPA). We applied the OPA technique in a prototype, so the beginning of each burst was predicted by the use of (a) Pseudo-Random Binary Sequences (PRBS), and (b) Exponential Weighted Moving Averages (EWMA). For evaluating the results, the OPA was compared to other techniques by two indicators, and it was possible coming to a conclusion regarding the OPA effectiveness.
Descrição
Palavras-chave
brute force attack, burst attacks, cyber-attack forecasting, EWMA, prediction model
Como citar
2014 Ninth International Conference On Digital Information Management (icdim). New York: Ieee, p. 194-200, 2014.