A knowledge-based model for defending distributed DoS

Bibliographic Details
Published in IEEE 37th Annual 2003 International Carnahan Conference on Security Technology, 2003. Proceedings pp. 257 - 263
Main Authors Shui-Sheng Lin, Shun-Chieh Lin, Shian-Shyong Tseng
Format Conference Proceeding
Language English
Published IEEE 2003
Summary: The knowledge-based model is proposed to solve the prediction problem in distributed DoS. There are three phases in this knowledge-based model. The detecting rules and filtering rules are constructed in the knowledge construction phase from the characteristic analyzer and domain experts. Based upon the false negative criterion, the detecting phase uses the detecting rules to find the control traffic of distributed DoS. However, some false alarms appear because traffic from special services is similar to the control traffic. Therefore, the filtering rules are used to reduce the false alarm rate in the filtering phase and detecting phase.
ISBN: 0780378822
9780780378827
DOI: 10.1109/CCST.2003.1297569