中国科学院沈阳自动化研究所机构知识库
Advanced  
SIA OpenIR  > 工业控制网络与系统研究室  > 期刊论文
题名: Anomaly detection and response approach based on mapping requests
作者: Wan M(万明) ; Zhang, Hong-Ke ; Wu, Tin-Yu ; Lo, Chi-Hsiang
作者部门: 工业控制网络与系统研究室
关键词: locator/identifier separation ; anomaly detection and response ; cumulative sum ; mapping request threshold algorithm
刊名: Security and Communication Networks
ISSN号: 1939-0114
出版日期: 2014
卷号: 7, 期号:12, 页码:2277-2292
收录类别: SCI ; EI
产权排序: 1
摘要: There is an increasing consensus that the locator/identifier separation of IP address is necessary to resolve the scalability issues of current Internet routing architecture. After identifiers are separated from locators, an identifier-to-locator mapping service must be employed to map identifiers onto locators. From this point, this paper proposes an anomaly detection and response approach based on mapping requests. By using the cumulative sum algorithm for change point detection, this approach introduces the anomalous traffic detection of mapping requests to diagnose the aberrant network behaviors. Once alarming, two effective response methods can be chosen to control the anomalous attack traffic in real time. Furthermore, in order to decouple the mapping request traffic from the mapping cache, this approach not only takes into account the mapping cache timeout but also puts forward a practical mapping request threshold algorithm. In particular, our simulation results show that, compared with the anomaly detection approach based on network traffic, the proposed approach is more advantageous and efficient. In addition, we also discuss the possible false positive and false negative problems, which may be caused by some accidental phenomena.
WOS记录号: WOS:000345633500004
WOS标题词: Science & Technology ; Technology
类目[WOS]: Computer Science, Information Systems ; Telecommunications
研究领域[WOS]: Computer Science ; Telecommunications
Citation statistics:
内容类型: 期刊论文
URI标识: http://ir.sia.cn/handle/173321/15442
Appears in Collections:工业控制网络与系统研究室_期刊论文

Files in This Item: Download All
File Name/ File Size Content Type Version Access License
Anomaly detection and response approach based on mapping requests .pdf(2431KB)----开放获取View Download
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[Wan M(万明)]'s Articles
[Zhang, Hong-Ke]'s Articles
[Wu, Tin-Yu]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[Wan M(万明)]‘s Articles
[Zhang, Hong-Ke]‘s Articles
[Wu, Tin-Yu]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
文件名: Anomaly detection and response approach based on mapping requests .pdf
格式: Adobe PDF
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2016  中国科学院沈阳自动化研究所 - Feedback
Powered by CSpace