| Anomaly detection and response approach based on mapping requests | |
Wan M(万明) ; Zhang, Hong-Ke; Wu, Tin-Yu; Lo, Chi-Hsiang
| |
| 刊名 | Security and Communication Networks
 |
| 2014 | |
| 卷号 | 7期号:12页码:2277-2292 |
| 关键词 | locator/identifier separation anomaly detection and response cumulative sum mapping request threshold algorithm |
| ISSN号 | 1939-0114 |
| 通讯作者 | Wu, Tin-Yu |
| 产权排序 | 1 |
| 中文摘要 | There is an increasing consensus that the locator/identifier separation of IP address is necessary to resolve the scalability issues of current Internet routing architecture. After identifiers are separated from locators, an identifier-to-locator mapping service must be employed to map identifiers onto locators. From this point, this paper proposes an anomaly detection and response approach based on mapping requests. By using the cumulative sum algorithm for change point detection, this approach introduces the anomalous traffic detection of mapping requests to diagnose the aberrant network behaviors. Once alarming, two effective response methods can be chosen to control the anomalous attack traffic in real time. Furthermore, in order to decouple the mapping request traffic from the mapping cache, this approach not only takes into account the mapping cache timeout but also puts forward a practical mapping request threshold algorithm. In particular, our simulation results show that, compared with the anomaly detection approach based on network traffic, the proposed approach is more advantageous and efficient. In addition, we also discuss the possible false positive and false negative problems, which may be caused by some accidental phenomena. |
| WOS标题词 | Science & Technology ; Technology |
| 类目[WOS] | Computer Science, Information Systems ; Telecommunications |
| 研究领域[WOS] | Computer Science ; Telecommunications |
| 收录类别 | SCI ; EI |
| 语种 | 英语 |
| WOS记录号 | WOS:000345633500004 |
| 公开日期 | 2014-12-29 |
| 内容类型 | 期刊论文 |
| 源URL | [http://ir.sia.cn/handle/173321/15442]  |
| 专题 | 沈阳自动化研究所_工业控制网络与系统研究室 |
| 推荐引用方式 GB/T 7714 | Wan M,Zhang, Hong-Ke,Wu, Tin-Yu,et al. Anomaly detection and response approach based on mapping requests[J]. Security and Communication Networks,2014,7(12):2277-2292. |
| APA | Wan M,Zhang, Hong-Ke,Wu, Tin-Yu,&Lo, Chi-Hsiang.(2014).Anomaly detection and response approach based on mapping requests.Security and Communication Networks,7(12),2277-2292. |
| MLA | Wan M,et al."Anomaly detection and response approach based on mapping requests".Security and Communication Networks 7.12(2014):2277-2292. |
| 个性服务 |
| 查看访问统计 |
| 相关权益政策 |
| 暂无数据 |
| 收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论