Real-time detection and containment of network attacks using QoS regulation
Conference Paper
Overview
Identity
Additional Document Info
Other
View All
Overview
abstract
In this paper, we present a network measurement mechanism that can detect and mitigate attacks and anomalous traffic in real-time using QoS regulation. The detection method rapidly pursues the dynamics of the network on the basis of correlation properties of the network protocols. By observing the proportion occupied by each traffic protocol and correlating it to that of previous states of traffic, it can be possible to determine whether the current traffic is behaving normally. When abnormalities are detected, our mechanism allows aggregated resource regulation of each protocol's traffic. The trace-driven results show that the rate-based regulation of traffic characterized by protocol classes is a feasible vehicle for mitigating the impact of network attacks on end servers. 2005 IEEE.
name of conference
IEEE International Conference on Communications, 2005. ICC 2005. 2005