TECHNIQUES FOR GENERATING APPLICATION-LAYER SIGNATURES CHARACTERIZING ADVANCED APPLICATION-LAYER FLOOD ATTACK TOOLS

TECHNIQUES FOR GENERATING APPLICATION-LAYER SIGNATURES CHARACTERIZING ADVANCED APPLICATION-LAYER FLOOD ATTACK TOOLS

The various disclosed embodiments include a method and system for generating application-layer signatures characterizing advanced application-layer attacks are provided. The method includes determining applicative baseline distributions of attributes included in transactions directed to a protected...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: TAMIR, Alon, AVIV, David, DORON, Ehud
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The various disclosed embodiments include a method and system for generating application-layer signatures characterizing advanced application-layer attacks are provided. The method includes determining applicative baseline distributions of attributes included in transactions directed to a protected entity during peacetime; determining attack distributions of applicative attributes included in transactions directed to a protected entity during an on-going application-layer attack; determining, based on the applicative baseline distributions and the attack distributions of applicative attributes, a probability of an attacker executing the on-going application-layer attack to generate an attack using at least one attribute; and generating an application-layer signature designating applicative attributes determined to be eligible based on their respective probabilities, wherein the application-layer signature characterizes behavior of the attacker executing the on-going application-layer attack.