Internet Archive Scholar

Proactive Intrusion Detection and SNMP-Based Security Management: New Experiments and Validation [chapter]

J. B. D. Cabrera, L. Lewis, X. Qin, C. Gutiérrez, W. Lee, R. K. Mehra
2003 Integrated Network Management VIII  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (33.5 kB)
https://web.archive.org/web/20150922171829/http://dl.ifip.org/db/conf/im/im2003/CabreraLQGLM03.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL. The file type is application/pdf.

In our earlier work we have proposed and developed a methodology for the early detection of Distributed Denial of Service (DDoS) attacks. In this paper, we examine the applicability of Proactive Intrusion Detection on a considerably more complex set-up, with hosts associated with three clusters, connected by routers. Background TCP, UDP and ICMP traffic following Interrupted Poisson Processes are superimposed on the attack traffic. We have examined six types of DDoS attacks. In four of the
more » ... ks we have obtained valid MIB-based precursors with no false alarms in all experiments. In the remaining two attacks precursors were obtained, but false alarms were observed. Procedures for eliminating these false alarms are discussed.
doi:10.1007/978-0-387-35674-7_8 fatcat:yckyl4vfrbff3ok5rr4cfzxoeq
Citation

J. B. D. Cabrera, L. Lewis, X. Qin, C. Gutiérrez, W. Lee, R. K. Mehra. "Proactive Intrusion Detection and SNMP-Based Security Management: New Experiments and Validation." Integrated Network Management VIII (2003) 93-96