A knowledge-based model for defending distributed DoS
The knowledge-based model is proposed to solve the prediction problem in distributed DoS. There are three phases in this knowledge-based model. The detecting rules and filtering rules are constructed in knowledge construction phase from characteristic analyzer and domain experts. Based upon false ne...
Saved in:
Published in | IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings pp. 257 - 263 |
---|---|
Main Authors | , , |
Format | Conference Proceeding |
Language | English |
Published |
IEEE
2003
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | The knowledge-based model is proposed to solve the prediction problem in distributed DoS. There are three phases in this knowledge-based model. The detecting rules and filtering rules are constructed in knowledge construction phase from characteristic analyzer and domain experts. Based upon false negative criterion, the detecting phase use the detecting rules to finds out the control traffic of distributed DoS. However, some false alarms appear because of the similar traffic with control traffic from special services. Therefore, the filtering rules are used to reduce the false alarm rate in filtering phase and detecting phase. |
---|---|
ISBN: | 0780378822 9780780378827 |
DOI: | 10.1109/CCST.2003.1297569 |