PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks

Detalhes bibliográficos
Autor(a) principal: Silva, Anderson [UNESP]
Data de Publicação: 2014
Outros Autores: Pontes, Elvis, Zhou, Fen, Guelft, Adilson, Kofuji, Sergio, IEEE
Tipo de documento: Artigo de conferência
Idioma: eng
Título da fonte: Repositório Institucional da UNESP
Texto Completo: http://hdl.handle.net/11449/183944
Resumo: Burst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today's computer networks, causing millions of losses to the society. Even though the detection of burst attacks is widely investigated, there is a gap in the academic literature regarding the predicting models for anticipating such security issue. As the frequency of bursts depends on the behavior of the attackers, it is hard to determine the exact moment when a burst starts. In this paper we propose a new model for aggregating peaks of a burst - specifically for the brute force attack - at a single point called One Point Analysis (OPA). We applied the OPA technique in a prototype, so the beginning of each burst was predicted by the use of (a) Pseudo-Random Binary Sequences (PRBS), and (b) Exponential Weighted Moving Averages (EWMA). For evaluating the results, the OPA was compared to other techniques by two indicators, and it was possible coming to a conclusion regarding the OPA effectiveness.
id UNSP_5f2d62a2943e20096fa52bf1d43c81f0
oai_identifier_str oai:repositorio.unesp.br:11449/183944
network_acronym_str UNSP
network_name_str Repositório Institucional da UNESP
repository_id_str 2946
spelling PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networksbrute force attackburst attackscyber-attack forecastingEWMAprediction modelBurst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today's computer networks, causing millions of losses to the society. Even though the detection of burst attacks is widely investigated, there is a gap in the academic literature regarding the predicting models for anticipating such security issue. As the frequency of bursts depends on the behavior of the attackers, it is hard to determine the exact moment when a burst starts. In this paper we propose a new model for aggregating peaks of a burst - specifically for the brute force attack - at a single point called One Point Analysis (OPA). We applied the OPA technique in a prototype, so the beginning of each burst was predicted by the use of (a) Pseudo-Random Binary Sequences (PRBS), and (b) Exponential Weighted Moving Averages (EWMA). For evaluating the results, the OPA was compared to other techniques by two indicators, and it was possible coming to a conclusion regarding the OPA effectiveness.Univ Sao Paulo, LSI POLI, BR-05508 Sao Paulo, BrazilUniv Avignon, CERI LIA, Avignon, FranceUniv Oeste Paulista, FIPP, Sao Paulo, BrazilUniv Estadual Paulista, Unip, Sao Paulo, BrazilUniv Estadual Paulista, Unip, Sao Paulo, BrazilIeeeUniversidade de São Paulo (USP)Univ AvignonUniv Oeste PaulistaUniversidade Estadual Paulista (Unesp)Silva, Anderson [UNESP]Pontes, ElvisZhou, FenGuelft, AdilsonKofuji, SergioIEEE2019-10-03T18:18:27Z2019-10-03T18:18:27Z2014-01-01info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObject194-2002014 Ninth International Conference On Digital Information Management (icdim). New York: Ieee, p. 194-200, 2014.http://hdl.handle.net/11449/183944WOS:000364918800034Web of Sciencereponame:Repositório Institucional da UNESPinstname:Universidade Estadual Paulista (UNESP)instacron:UNESPeng2014 Ninth International Conference On Digital Information Management (icdim)info:eu-repo/semantics/openAccess2021-10-22T21:16:16Zoai:repositorio.unesp.br:11449/183944Repositório InstitucionalPUBhttp://repositorio.unesp.br/oai/requestopendoar:29462021-10-22T21:16:16Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP)false
dc.title.none.fl_str_mv PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks
title PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks
spellingShingle PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks
Silva, Anderson [UNESP]
brute force attack
burst attacks
cyber-attack forecasting
EWMA
prediction model
title_short PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks
title_full PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks
title_fullStr PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks
title_full_unstemmed PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks
title_sort PRBS/EWMA Based Model for Predicting Burst Attacks (Brute Froce, DoS) in Computer Networks
author Silva, Anderson [UNESP]
author_facet Silva, Anderson [UNESP]
Pontes, Elvis
Zhou, Fen
Guelft, Adilson
Kofuji, Sergio
IEEE
author_role author
author2 Pontes, Elvis
Zhou, Fen
Guelft, Adilson
Kofuji, Sergio
IEEE
author2_role author
author
author
author
author
dc.contributor.none.fl_str_mv Universidade de São Paulo (USP)
Univ Avignon
Univ Oeste Paulista
Universidade Estadual Paulista (Unesp)
dc.contributor.author.fl_str_mv Silva, Anderson [UNESP]
Pontes, Elvis
Zhou, Fen
Guelft, Adilson
Kofuji, Sergio
IEEE
dc.subject.por.fl_str_mv brute force attack
burst attacks
cyber-attack forecasting
EWMA
prediction model
topic brute force attack
burst attacks
cyber-attack forecasting
EWMA
prediction model
description Burst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today's computer networks, causing millions of losses to the society. Even though the detection of burst attacks is widely investigated, there is a gap in the academic literature regarding the predicting models for anticipating such security issue. As the frequency of bursts depends on the behavior of the attackers, it is hard to determine the exact moment when a burst starts. In this paper we propose a new model for aggregating peaks of a burst - specifically for the brute force attack - at a single point called One Point Analysis (OPA). We applied the OPA technique in a prototype, so the beginning of each burst was predicted by the use of (a) Pseudo-Random Binary Sequences (PRBS), and (b) Exponential Weighted Moving Averages (EWMA). For evaluating the results, the OPA was compared to other techniques by two indicators, and it was possible coming to a conclusion regarding the OPA effectiveness.
publishDate 2014
dc.date.none.fl_str_mv 2014-01-01
2019-10-03T18:18:27Z
2019-10-03T18:18:27Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/conferenceObject
format conferenceObject
status_str publishedVersion
dc.identifier.uri.fl_str_mv 2014 Ninth International Conference On Digital Information Management (icdim). New York: Ieee, p. 194-200, 2014.
http://hdl.handle.net/11449/183944
WOS:000364918800034
identifier_str_mv 2014 Ninth International Conference On Digital Information Management (icdim). New York: Ieee, p. 194-200, 2014.
WOS:000364918800034
url http://hdl.handle.net/11449/183944
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv 2014 Ninth International Conference On Digital Information Management (icdim)
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv 194-200
dc.publisher.none.fl_str_mv Ieee
publisher.none.fl_str_mv Ieee
dc.source.none.fl_str_mv Web of Science
reponame:Repositório Institucional da UNESP
instname:Universidade Estadual Paulista (UNESP)
instacron:UNESP
instname_str Universidade Estadual Paulista (UNESP)
instacron_str UNESP
institution UNESP
reponame_str Repositório Institucional da UNESP
collection Repositório Institucional da UNESP
repository.name.fl_str_mv Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP)
repository.mail.fl_str_mv
_version_ 1803046636798083072

Registros relacionados