PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks
Autor(a) principal: | |
---|---|
Data de Publicação: | 2014 |
Outros Autores: | , , , , |
Tipo de documento: | Artigo de conferência |
Idioma: | eng |
Título da fonte: | Repositório Institucional da UNESP |
Texto Completo: | http://hdl.handle.net/11449/183944 |
Resumo: | Burst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today's computer networks, causing millions of losses to the society. Even though the detection of burst attacks is widely investigated, there is a gap in the academic literature regarding the predicting models for anticipating such security issue. As the frequency of bursts depends on the behavior of the attackers, it is hard to determine the exact moment when a burst starts. In this paper we propose a new model for aggregating peaks of a burst - specifically for the brute force attack - at a single point called One Point Analysis (OPA). We applied the OPA technique in a prototype, so the beginning of each burst was predicted by the use of (a) Pseudo-Random Binary Sequences (PRBS), and (b) Exponential Weighted Moving Averages (EWMA). For evaluating the results, the OPA was compared to other techniques by two indicators, and it was possible coming to a conclusion regarding the OPA effectiveness. |
id |
UNSP_5f2d62a2943e20096fa52bf1d43c81f0 |
---|---|
oai_identifier_str |
oai:repositorio.unesp.br:11449/183944 |
network_acronym_str |
UNSP |
network_name_str |
Repositório Institucional da UNESP |
repository_id_str |
2946 |
spelling |
PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networksbrute force attackburst attackscyber-attack forecastingEWMAprediction modelBurst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today's computer networks, causing millions of losses to the society. Even though the detection of burst attacks is widely investigated, there is a gap in the academic literature regarding the predicting models for anticipating such security issue. As the frequency of bursts depends on the behavior of the attackers, it is hard to determine the exact moment when a burst starts. In this paper we propose a new model for aggregating peaks of a burst - specifically for the brute force attack - at a single point called One Point Analysis (OPA). We applied the OPA technique in a prototype, so the beginning of each burst was predicted by the use of (a) Pseudo-Random Binary Sequences (PRBS), and (b) Exponential Weighted Moving Averages (EWMA). For evaluating the results, the OPA was compared to other techniques by two indicators, and it was possible coming to a conclusion regarding the OPA effectiveness.Univ Sao Paulo, LSI POLI, BR-05508 Sao Paulo, BrazilUniv Avignon, CERI LIA, Avignon, FranceUniv Oeste Paulista, FIPP, Sao Paulo, BrazilUniv Estadual Paulista, Unip, Sao Paulo, BrazilUniv Estadual Paulista, Unip, Sao Paulo, BrazilIeeeUniversidade de São Paulo (USP)Univ AvignonUniv Oeste PaulistaUniversidade Estadual Paulista (Unesp)Silva, Anderson [UNESP]Pontes, ElvisZhou, FenGuelft, AdilsonKofuji, SergioIEEE2019-10-03T18:18:27Z2019-10-03T18:18:27Z2014-01-01info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObject194-2002014 Ninth International Conference On Digital Information Management (icdim). New York: Ieee, p. 194-200, 2014.http://hdl.handle.net/11449/183944WOS:000364918800034Web of Sciencereponame:Repositório Institucional da UNESPinstname:Universidade Estadual Paulista (UNESP)instacron:UNESPeng2014 Ninth International Conference On Digital Information Management (icdim)info:eu-repo/semantics/openAccess2021-10-22T21:16:16Zoai:repositorio.unesp.br:11449/183944Repositório InstitucionalPUBhttp://repositorio.unesp.br/oai/requestopendoar:29462021-10-22T21:16:16Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP)false |
dc.title.none.fl_str_mv |
PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks |
title |
PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks |
spellingShingle |
PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks Silva, Anderson [UNESP] brute force attack burst attacks cyber-attack forecasting EWMA prediction model |
title_short |
PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks |
title_full |
PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks |
title_fullStr |
PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks |
title_full_unstemmed |
PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks |
title_sort |
PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks |
author |
Silva, Anderson [UNESP] |
author_facet |
Silva, Anderson [UNESP] Pontes, Elvis Zhou, Fen Guelft, Adilson Kofuji, Sergio IEEE |
author_role |
author |
author2 |
Pontes, Elvis Zhou, Fen Guelft, Adilson Kofuji, Sergio IEEE |
author2_role |
author author author author author |
dc.contributor.none.fl_str_mv |
Universidade de São Paulo (USP) Univ Avignon Univ Oeste Paulista Universidade Estadual Paulista (Unesp) |
dc.contributor.author.fl_str_mv |
Silva, Anderson [UNESP] Pontes, Elvis Zhou, Fen Guelft, Adilson Kofuji, Sergio IEEE |
dc.subject.por.fl_str_mv |
brute force attack burst attacks cyber-attack forecasting EWMA prediction model |
topic |
brute force attack burst attacks cyber-attack forecasting EWMA prediction model |
description |
Burst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today's computer networks, causing millions of losses to the society. Even though the detection of burst attacks is widely investigated, there is a gap in the academic literature regarding the predicting models for anticipating such security issue. As the frequency of bursts depends on the behavior of the attackers, it is hard to determine the exact moment when a burst starts. In this paper we propose a new model for aggregating peaks of a burst - specifically for the brute force attack - at a single point called One Point Analysis (OPA). We applied the OPA technique in a prototype, so the beginning of each burst was predicted by the use of (a) Pseudo-Random Binary Sequences (PRBS), and (b) Exponential Weighted Moving Averages (EWMA). For evaluating the results, the OPA was compared to other techniques by two indicators, and it was possible coming to a conclusion regarding the OPA effectiveness. |
publishDate |
2014 |
dc.date.none.fl_str_mv |
2014-01-01 2019-10-03T18:18:27Z 2019-10-03T18:18:27Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/conferenceObject |
format |
conferenceObject |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
2014 Ninth International Conference On Digital Information Management (icdim). New York: Ieee, p. 194-200, 2014. http://hdl.handle.net/11449/183944 WOS:000364918800034 |
identifier_str_mv |
2014 Ninth International Conference On Digital Information Management (icdim). New York: Ieee, p. 194-200, 2014. WOS:000364918800034 |
url |
http://hdl.handle.net/11449/183944 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.relation.none.fl_str_mv |
2014 Ninth International Conference On Digital Information Management (icdim) |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
194-200 |
dc.publisher.none.fl_str_mv |
Ieee |
publisher.none.fl_str_mv |
Ieee |
dc.source.none.fl_str_mv |
Web of Science reponame:Repositório Institucional da UNESP instname:Universidade Estadual Paulista (UNESP) instacron:UNESP |
instname_str |
Universidade Estadual Paulista (UNESP) |
instacron_str |
UNESP |
institution |
UNESP |
reponame_str |
Repositório Institucional da UNESP |
collection |
Repositório Institucional da UNESP |
repository.name.fl_str_mv |
Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP) |
repository.mail.fl_str_mv |
|
_version_ |
1803046636798083072 |