SIA OpenIR  > 工业控制网络与系统研究室
Anomaly detection and response approach based on mapping requests
Wan M(万明); Zhang, Hong-Ke; Wu, Tin-Yu; Lo, Chi-Hsiang
作者部门工业控制网络与系统研究室
关键词Locator/identifier Separation Anomaly Detection And Response Cumulative Sum Mapping Request Threshold Algorithm
发表期刊Security and Communication Networks
ISSN1939-0114
2014
卷号7期号:12页码:2277-2292
收录类别SCI ; EI
EI收录号20144800258774
WOS记录号WOS:000345633500004
产权排序1
摘要There is an increasing consensus that the locator/identifier separation of IP address is necessary to resolve the scalability issues of current Internet routing architecture. After identifiers are separated from locators, an identifier-to-locator mapping service must be employed to map identifiers onto locators. From this point, this paper proposes an anomaly detection and response approach based on mapping requests. By using the cumulative sum algorithm for change point detection, this approach introduces the anomalous traffic detection of mapping requests to diagnose the aberrant network behaviors. Once alarming, two effective response methods can be chosen to control the anomalous attack traffic in real time. Furthermore, in order to decouple the mapping request traffic from the mapping cache, this approach not only takes into account the mapping cache timeout but also puts forward a practical mapping request threshold algorithm. In particular, our simulation results show that, compared with the anomaly detection approach based on network traffic, the proposed approach is more advantageous and efficient. In addition, we also discuss the possible false positive and false negative problems, which may be caused by some accidental phenomena.
语种英语
WOS标题词Science & Technology ; Technology
WOS类目Computer Science, Information Systems ; Telecommunications
WOS研究方向Computer Science ; Telecommunications
引用统计
文献类型期刊论文
条目标识符http://ir.sia.cn/handle/173321/15442
专题工业控制网络与系统研究室
通讯作者Wu, Tin-Yu
作者单位1.Laboratory of Networked Control Systems, Shenyang Institute of Automation Chinese Academy of Sciences, Shenyang, China
2.National Engineering Laboratory for Next Generation Internet Interconnection Devices, Beijing Jiaotong University, Beijing, China
3.Department of Computer Science and Information Engineering, National Ilan University, I-Lan, Taiwan
4.Department of Computer Science and Information Engineering and Department of Electronic Engineering, National Ilan University, I-Lan, Taiwan
推荐引用方式
GB/T 7714
Wan M,Zhang, Hong-Ke,Wu, Tin-Yu,et al. Anomaly detection and response approach based on mapping requests[J]. Security and Communication Networks,2014,7(12):2277-2292.
APA Wan M,Zhang, Hong-Ke,Wu, Tin-Yu,&Lo, Chi-Hsiang.(2014).Anomaly detection and response approach based on mapping requests.Security and Communication Networks,7(12),2277-2292.
MLA Wan M,et al."Anomaly detection and response approach based on mapping requests".Security and Communication Networks 7.12(2014):2277-2292.
条目包含的文件 下载所有文件
文件名称/大小 文献类型 版本类型 开放类型 使用许可
Anomaly detection an(2431KB)期刊论文作者接受稿开放获取ODC PDDL浏览 下载
个性服务
推荐该条目
保存到收藏夹
查看访问统计
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Wan M(万明)]的文章
[Zhang, Hong-Ke]的文章
[Wu, Tin-Yu]的文章
百度学术
百度学术中相似的文章
[Wan M(万明)]的文章
[Zhang, Hong-Ke]的文章
[Wu, Tin-Yu]的文章
必应学术
必应学术中相似的文章
[Wan M(万明)]的文章
[Zhang, Hong-Ke]的文章
[Wu, Tin-Yu]的文章
相关权益政策
暂无数据
收藏/分享
文件名: Anomaly detection and response approach based on mapping requests .pdf
格式: Adobe PDF
所有评论 (0)
暂无评论
 

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。