Ahmed, Abdulghani Ali and Sadiq, Ali Safa and Mohamad Fadli, Zolkipli (2016) Traceback Model for Identifying Sources of Distributed Attacks in Real Time. Security and Communication Networks, 9 (13). pp. 2173-2185. ISSN 1939-0122. (Published)
|
PDF
Traceback Model for Identifying Sources of Distributed Attacks In Real Time.pdf Download (41kB) | Preview |
Abstract
Locating sources of distributed attack is time-consuming; attackers are identified long after the attack is completed. This paper proposes a trackback model for identifying attackers and locating their distributed sources in real time. Attackers are identified by monitoring violations of malicious end users on their bandwidth shares predefined in the service level agreement. Then, active connections of the malicious users are investigated to locate the host machines used as distributed sources of attack traffic. Mathematical model and simulation results demonstrate that the proposed model can reduce the required time for identifying malicious users and locating host machines used as the actual sources of attack packets
| Item Type: | Article |
|---|---|
| Uncontrolled Keywords: | real-time trackback; distributed attack; explicit congestion notification; service level agreement; active connection |
| Subjects: | Q Science > QA Mathematics Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
| Faculty/Division: | Faculty of Computer System And Software Engineering |
| Depositing User: | Noorul Farina Arifin |
| Date Deposited: | 06 Apr 2016 06:43 |
| Last Modified: | 30 Mar 2018 08:14 |
| URI: | http://umpir.ump.edu.my/id/eprint/12717 |
| Download Statistic: | View Download Statistics |
Actions (login required)
 |
View Item |