Abnormality metrics to detect and protect against network attacks

Abnormality metrics to detect and protect against network attacks

Internet has been growing at an amazing rate and it becomes pervasive in all aspects of our life. On the other hand, the ubiquity of networked computers and their services has significantly increased their vulnerability to virus and worm attacks. To make pervasive systems and their services reliable...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Guangzhi Qu, Hariri, S., Jangiti, S., Hussain, S., Seungchan Oh, Fayssal, S., Yousif, M.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Computer crime
Computer network reliability
Computer networks
Computer worms
Computerized monitoring
Internet
Protection
Software agents
Software measurement
Testing
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 111
container_issue
container_start_page 105
container_title
container_volume
creator Guangzhi Qu
Hariri, S.
Jangiti, S.
Hussain, S.
Seungchan Oh
Fayssal, S.
Yousif, M.
description Internet has been growing at an amazing rate and it becomes pervasive in all aspects of our life. On the other hand, the ubiquity of networked computers and their services has significantly increased their vulnerability to virus and worm attacks. To make pervasive systems and their services reliable and secure it becomes highly essential to develop on-line monitoring, analysis, and quantification of the operational state of such systems and services under a wide range of normal and abnormal workload scenarios. We prevent several abnormality metrics that can be used to detect abnormal behaviors and also can be used to quantify the impact of attach on pervasive system sendees. Our online monitoring approach is based on deploying software agents on selected routers, clients and servers to continuously monitor the measurement attributes and compute the abnormality metrics. Further, we use this metrics to quantify the impact of attacks on the individual components and on the system as a whole. This analysis leads to identify the most critical components in the system. We have built a test bed to experiment and evaluate the effectiveness of these metrics to detect several well-known network attacks such as MS SQL slammer worm attack, Denial of Service attack, and email worm spam.
doi_str_mv 10.1109/PERSER.2004.1356777
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_1356777</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>1356777</ieee_id><sourcerecordid>1356777</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-d3b8e73bf66058eb9ad0d08e468359f705374da710d58d5faf45f517d5f5a3e93</originalsourceid><addsrcrecordid>eNotj8tqwzAQRQWl0DbNF2SjH3A6ijweeWmC-4BAS9qug2yNiprYDpKg5O8bSM7mntWFI8RCwVIpqJ8-2u1nu12uAMql0lgR0Y14ADKgDRKt7sQ8pV84o2s0lbkXTdONUxzsIeSTHDjH0CeZJ-k4c5-lHZ08xuniPzaMKcuR898U99LmbPt9ehS33h4Sz687E9_P7df6tdi8v7ytm00RFGEunO4Mk-58VQEa7mrrwIHhsjIaa0-AmkpnSYFD49BbX6JHRWdFq7nWM7G4_AZm3h1jGGw87a6V-h9F_0lT</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Abnormality metrics to detect and protect against network attacks</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Guangzhi Qu ; Hariri, S. ; Jangiti, S. ; Hussain, S. ; Seungchan Oh ; Fayssal, S. ; Yousif, M.</creator><creatorcontrib>Guangzhi Qu ; Hariri, S. ; Jangiti, S. ; Hussain, S. ; Seungchan Oh ; Fayssal, S. ; Yousif, M.</creatorcontrib><description>Internet has been growing at an amazing rate and it becomes pervasive in all aspects of our life. On the other hand, the ubiquity of networked computers and their services has significantly increased their vulnerability to virus and worm attacks. To make pervasive systems and their services reliable and secure it becomes highly essential to develop on-line monitoring, analysis, and quantification of the operational state of such systems and services under a wide range of normal and abnormal workload scenarios. We prevent several abnormality metrics that can be used to detect abnormal behaviors and also can be used to quantify the impact of attach on pervasive system sendees. Our online monitoring approach is based on deploying software agents on selected routers, clients and servers to continuously monitor the measurement attributes and compute the abnormality metrics. Further, we use this metrics to quantify the impact of attacks on the individual components and on the system as a whole. This analysis leads to identify the most critical components in the system. We have built a test bed to experiment and evaluate the effectiveness of these metrics to detect several well-known network attacks such as MS SQL slammer worm attack, Denial of Service attack, and email worm spam.</description><identifier>ISBN: 0780385772</identifier><identifier>ISBN: 9780780385771</identifier><identifier>DOI: 10.1109/PERSER.2004.1356777</identifier><language>eng</language><publisher>IEEE</publisher><subject>Computer crime ; Computer network reliability ; Computer networks ; Computer worms ; Computerized monitoring ; Internet ; Protection ; Software agents ; Software measurement ; Testing</subject><ispartof>The IEEE/ACS International Conference onPervasive Services, 2004. ICPS 2004. Proceedings, 2004, p.105-111</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/1356777$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2058,4050,4051,27925,54920</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/1356777$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Guangzhi Qu</creatorcontrib><creatorcontrib>Hariri, S.</creatorcontrib><creatorcontrib>Jangiti, S.</creatorcontrib><creatorcontrib>Hussain, S.</creatorcontrib><creatorcontrib>Seungchan Oh</creatorcontrib><creatorcontrib>Fayssal, S.</creatorcontrib><creatorcontrib>Yousif, M.</creatorcontrib><title>Abnormality metrics to detect and protect against network attacks</title><title>The IEEE/ACS International Conference onPervasive Services, 2004. ICPS 2004. Proceedings</title><addtitle>PERSER</addtitle><description>Internet has been growing at an amazing rate and it becomes pervasive in all aspects of our life. On the other hand, the ubiquity of networked computers and their services has significantly increased their vulnerability to virus and worm attacks. To make pervasive systems and their services reliable and secure it becomes highly essential to develop on-line monitoring, analysis, and quantification of the operational state of such systems and services under a wide range of normal and abnormal workload scenarios. We prevent several abnormality metrics that can be used to detect abnormal behaviors and also can be used to quantify the impact of attach on pervasive system sendees. Our online monitoring approach is based on deploying software agents on selected routers, clients and servers to continuously monitor the measurement attributes and compute the abnormality metrics. Further, we use this metrics to quantify the impact of attacks on the individual components and on the system as a whole. This analysis leads to identify the most critical components in the system. We have built a test bed to experiment and evaluate the effectiveness of these metrics to detect several well-known network attacks such as MS SQL slammer worm attack, Denial of Service attack, and email worm spam.</description><subject>Computer crime</subject><subject>Computer network reliability</subject><subject>Computer networks</subject><subject>Computer worms</subject><subject>Computerized monitoring</subject><subject>Internet</subject><subject>Protection</subject><subject>Software agents</subject><subject>Software measurement</subject><subject>Testing</subject><isbn>0780385772</isbn><isbn>9780780385771</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2004</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotj8tqwzAQRQWl0DbNF2SjH3A6ijweeWmC-4BAS9qug2yNiprYDpKg5O8bSM7mntWFI8RCwVIpqJ8-2u1nu12uAMql0lgR0Y14ADKgDRKt7sQ8pV84o2s0lbkXTdONUxzsIeSTHDjH0CeZJ-k4c5-lHZ08xuniPzaMKcuR898U99LmbPt9ehS33h4Sz687E9_P7df6tdi8v7ytm00RFGEunO4Mk-58VQEa7mrrwIHhsjIaa0-AmkpnSYFD49BbX6JHRWdFq7nWM7G4_AZm3h1jGGw87a6V-h9F_0lT</recordid><startdate>2004</startdate><enddate>2004</enddate><creator>Guangzhi Qu</creator><creator>Hariri, S.</creator><creator>Jangiti, S.</creator><creator>Hussain, S.</creator><creator>Seungchan Oh</creator><creator>Fayssal, S.</creator><creator>Yousif, M.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>2004</creationdate><title>Abnormality metrics to detect and protect against network attacks</title><author>Guangzhi Qu ; Hariri, S. ; Jangiti, S. ; Hussain, S. ; Seungchan Oh ; Fayssal, S. ; Yousif, M.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-d3b8e73bf66058eb9ad0d08e468359f705374da710d58d5faf45f517d5f5a3e93</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2004</creationdate><topic>Computer crime</topic><topic>Computer network reliability</topic><topic>Computer networks</topic><topic>Computer worms</topic><topic>Computerized monitoring</topic><topic>Internet</topic><topic>Protection</topic><topic>Software agents</topic><topic>Software measurement</topic><topic>Testing</topic><toplevel>online_resources</toplevel><creatorcontrib>Guangzhi Qu</creatorcontrib><creatorcontrib>Hariri, S.</creatorcontrib><creatorcontrib>Jangiti, S.</creatorcontrib><creatorcontrib>Hussain, S.</creatorcontrib><creatorcontrib>Seungchan Oh</creatorcontrib><creatorcontrib>Fayssal, S.</creatorcontrib><creatorcontrib>Yousif, M.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Guangzhi Qu</au><au>Hariri, S.</au><au>Jangiti, S.</au><au>Hussain, S.</au><au>Seungchan Oh</au><au>Fayssal, S.</au><au>Yousif, M.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Abnormality metrics to detect and protect against network attacks</atitle><btitle>The IEEE/ACS International Conference onPervasive Services, 2004. ICPS 2004. Proceedings</btitle><stitle>PERSER</stitle><date>2004</date><risdate>2004</risdate><spage>105</spage><epage>111</epage><pages>105-111</pages><isbn>0780385772</isbn><isbn>9780780385771</isbn><abstract>Internet has been growing at an amazing rate and it becomes pervasive in all aspects of our life. On the other hand, the ubiquity of networked computers and their services has significantly increased their vulnerability to virus and worm attacks. To make pervasive systems and their services reliable and secure it becomes highly essential to develop on-line monitoring, analysis, and quantification of the operational state of such systems and services under a wide range of normal and abnormal workload scenarios. We prevent several abnormality metrics that can be used to detect abnormal behaviors and also can be used to quantify the impact of attach on pervasive system sendees. Our online monitoring approach is based on deploying software agents on selected routers, clients and servers to continuously monitor the measurement attributes and compute the abnormality metrics. Further, we use this metrics to quantify the impact of attacks on the individual components and on the system as a whole. This analysis leads to identify the most critical components in the system. We have built a test bed to experiment and evaluate the effectiveness of these metrics to detect several well-known network attacks such as MS SQL slammer worm attack, Denial of Service attack, and email worm spam.</abstract><pub>IEEE</pub><doi>10.1109/PERSER.2004.1356777</doi><tpages>7</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 0780385772
ispartof The IEEE/ACS International Conference onPervasive Services, 2004. ICPS 2004. Proceedings, 2004, p.105-111
issn
language eng
recordid cdi_ieee_primary_1356777
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Computer crime
Computer network reliability
Computer networks
Computer worms
Computerized monitoring
Internet
Protection
Software agents
Software measurement
Testing
title Abnormality metrics to detect and protect against network attacks
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-27T05%3A09%3A27IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Abnormality%20metrics%20to%20detect%20and%20protect%20against%20network%20attacks&rft.btitle=The%20IEEE/ACS%20International%20Conference%20onPervasive%20Services,%202004.%20ICPS%202004.%20Proceedings&rft.au=Guangzhi%20Qu&rft.date=2004&rft.spage=105&rft.epage=111&rft.pages=105-111&rft.isbn=0780385772&rft.isbn_list=9780780385771&rft_id=info:doi/10.1109/PERSER.2004.1356777&rft_dat=%3Cieee_6IE%3E1356777%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=1356777&rfr_iscdi=true