Ontology type: schema:ScholarlyArticle
2014-06
AUTHORSHakem Beitollahi, Geert Deconinck
ABSTRACTIn an application-layer distributed denial of service (DDoS) attack, zombie machines send a large number of legitimate requests to the victim server. Since these requests have legitimate formats and are sent through normal TCP connections, intrusion detection systems cannot detect them. In these attacks, an adversary does not saturate the bandwidth of the victim server through inbound traffic, but through outbound traffic. The next aim of the adversary is to consume and exhaust computational resources (e.g., CPU cycles), memory resources, TCP/IP stack, resources of input/output devices, etc. This paper proposes a novel scheme which is called ConnectionScore to resist such DDoS attacks. During the attack time, any connection is scored based on history and statistical analysis which has been done during the normal condition. The bottleneck resources are retaken from those connections which take lower scores. Our analysis shows that connections established by the adversary give low scores. In fact, the ConnectionScore technique can estimate legitimacy of connections with high probability. The rate of suspicious connections being dropped is adjusted based on the current level of overload of the server and a threshold-level of free resources. To evaluate the performance of the scheme, we perform experiments in the Emulab environment using real traceroute data of the ClarkNet WWW server (http://ita.ee.lbl.gov/html/contrib/ClarkNet-HTTP.html). More... »
PAGES425-442
http://scigraph.springernature.com/pub.10.1007/s12652-013-0196-5
DOIhttp://dx.doi.org/10.1007/s12652-013-0196-5
DIMENSIONShttps://app.dimensions.ai/details/publication/pub.1051725491
JSON-LD is the canonical representation for SciGraph data.
TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT
[
{
"@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json",
"about": [
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Artificial Intelligence and Image Processing",
"type": "DefinedTerm"
},
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information and Computing Sciences",
"type": "DefinedTerm"
}
],
"author": [
{
"affiliation": {
"alternateName": "Soran University",
"id": "https://www.grid.ac/institutes/grid.449301.b",
"name": [
"Soran University, Kurdistan Region, Soran, Iraq"
],
"type": "Organization"
},
"familyName": "Beitollahi",
"givenName": "Hakem",
"id": "sg:person.014160110027.06",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014160110027.06"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "KU Leuven",
"id": "https://www.grid.ac/institutes/grid.5596.f",
"name": [
"Electrical Engineering Department, University of Leuven, Kasteelpark Arenberg 10, Leuven, Belgium"
],
"type": "Organization"
},
"familyName": "Deconinck",
"givenName": "Geert",
"id": "sg:person.01022745130.75",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01022745130.75"
],
"type": "Person"
}
],
"citation": [
{
"id": "https://doi.org/10.1145/1216370.1216373",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1008453551"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1016/j.comcom.2012.04.008",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1008509147"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1145/997150.997156",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1020238858"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1145/1059513.1059517",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1021060330"
],
"type": "CreativeWork"
},
{
"id": "sg:pub.10.1007/s12652-011-0091-x",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1021122170",
"https://doi.org/10.1007/s12652-011-0091-x"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1145/637201.637210",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1024279033"
],
"type": "CreativeWork"
},
{
"id": "sg:pub.10.1007/11909033_9",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1034173570",
"https://doi.org/10.1007/11909033_9"
],
"type": "CreativeWork"
},
{
"id": "sg:pub.10.1007/11909033_9",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1034173570",
"https://doi.org/10.1007/11909033_9"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1145/948109.948114",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1053280172"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/90.929847",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1061247592"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/jsac.2003.818778",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1061316500"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/tdsc.2008.13",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1061585172"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/tnet.2004.842221",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1061714510"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/tnet.2008.923716",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1061715032"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/tpds.2007.1014",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1061753058"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/iccias.2006.295444",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1093238444"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/icc.2009.5199191",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1093512027"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/infcomw.2011.5928950",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1093792229"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/infocom.2006.127",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1094040068"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/cvpr.2003.1211347",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1094946979"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/icc.2011.5963009",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1095002109"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/icnsc.2007.372823",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1095097734"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/pacrim.2007.4313218",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1095156541"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1109/iccsit.2010.5564874",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1095255201"
],
"type": "CreativeWork"
},
{
"id": "https://doi.org/10.1145/781027.781067",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1098892941"
],
"type": "CreativeWork"
},
{
"id": "https://app.dimensions.ai/details/publication/pub.1109387615",
"type": "CreativeWork"
},
{
"id": "https://app.dimensions.ai/details/publication/pub.1109387615",
"type": "CreativeWork"
}
],
"datePublished": "2014-06",
"datePublishedReg": "2014-06-01",
"description": "In an application-layer distributed denial of service (DDoS) attack, zombie machines send a large number of legitimate requests to the victim server. Since these requests have legitimate formats and are sent through normal TCP connections, intrusion detection systems cannot detect them. In these attacks, an adversary does not saturate the bandwidth of the victim server through inbound traffic, but through outbound traffic. The next aim of the adversary is to consume and exhaust computational resources (e.g., CPU cycles), memory resources, TCP/IP stack, resources of input/output devices, etc. This paper proposes a novel scheme which is called ConnectionScore to resist such DDoS attacks. During the attack time, any connection is scored based on history and statistical analysis which has been done during the normal condition. The bottleneck resources are retaken from those connections which take lower scores. Our analysis shows that connections established by the adversary give low scores. In fact, the ConnectionScore technique can estimate legitimacy of connections with high probability. The rate of suspicious connections being dropped is adjusted based on the current level of overload of the server and a threshold-level of free resources. To evaluate the performance of the scheme, we perform experiments in the Emulab environment using real traceroute data of the ClarkNet WWW server (http://ita.ee.lbl.gov/html/contrib/ClarkNet-HTTP.html).",
"genre": "research_article",
"id": "sg:pub.10.1007/s12652-013-0196-5",
"inLanguage": [
"en"
],
"isAccessibleForFree": false,
"isPartOf": [
{
"id": "sg:journal.1043999",
"issn": [
"1868-5137",
"1868-5145"
],
"name": "Journal of Ambient Intelligence and Humanized Computing",
"type": "Periodical"
},
{
"issueNumber": "3",
"type": "PublicationIssue"
},
{
"type": "PublicationVolume",
"volumeNumber": "5"
}
],
"name": "ConnectionScore: a statistical technique to resist application-layer DDoS attacks",
"pagination": "425-442",
"productId": [
{
"name": "readcube_id",
"type": "PropertyValue",
"value": [
"f664c006094666d9e29b368f30d96a6d7ffe843b34f342349064e0b064401c4a"
]
},
{
"name": "doi",
"type": "PropertyValue",
"value": [
"10.1007/s12652-013-0196-5"
]
},
{
"name": "dimensions_id",
"type": "PropertyValue",
"value": [
"pub.1051725491"
]
}
],
"sameAs": [
"https://doi.org/10.1007/s12652-013-0196-5",
"https://app.dimensions.ai/details/publication/pub.1051725491"
],
"sdDataset": "articles",
"sdDatePublished": "2019-04-10T16:04",
"sdLicense": "https://scigraph.springernature.com/explorer/license/",
"sdPublisher": {
"name": "Springer Nature - SN SciGraph project",
"type": "Organization"
},
"sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8664_00000595.jsonl",
"type": "ScholarlyArticle",
"url": "http://link.springer.com/10.1007%2Fs12652-013-0196-5"
}
]Download the RDF metadata as: json-ld nt turtle xml License info
JSON-LD is a popular format for linked data which is fully compatible with JSON.
curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/s12652-013-0196-5'
N-Triples is a line-based linked data format ideal for batch operations.
curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/s12652-013-0196-5'
Turtle is a human-readable linked data format.
curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/s12652-013-0196-5'
RDF/XML is a standard XML format for linked data.
curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/s12652-013-0196-5'
This table displays all metadata directly associated to this object as RDF triples.
147 TRIPLES
21 PREDICATES
52 URIs
19 LITERALS
7 BLANK NODES