Botnet identification in randomized DDoS attacks. Matta, V., Di Mauro, M., & Longo, M. In 2016 24th European Signal Processing Conference (EUSIPCO), pages 2260-2264, Aug, 2016.
Recent variants of Distributed Denial-of-Service (DDoS) attacks leverage the flexibility of application-layer protocols to disguise malicious activities as normal traffic patterns, while concurrently overwhelming the target destination with a large request rate. New countermeasures are necessary, aimed at guaranteeing an early and reliable identification of the compromised network nodes (the botnet). In this work we introduce a formal model for the aforementioned class of attacks, and we devise an inference algorithm that estimates the botnet hidden in the network, converging to the true solution as time progresses. Notably, the analysis is validated over real network traces.
@InProceedings{7760651,
  author = {V. Matta and M. {Di Mauro} and M. Longo},
  booktitle = {2016 24th European Signal Processing Conference (EUSIPCO)},
  title = {Botnet identification in randomized DDoS attacks},
  year = {2016},
  pages = {2260-2264},
  abstract = {Recent variants of Distributed Denial-of-Service (DDoS) attacks leverage the flexibility of application-layer protocols to disguise malicious activities as normal traffic patterns, while concurrently overwhelming the target destination with a large request rate. New countermeasures are necessary, aimed at guaranteeing an early and reliable identification of the compromised network nodes (the botnet). In this work we introduce a formal model for the aforementioned class of attacks, and we devise an inference algorithm that estimates the botnet hidden in the network, converging to the true solution as time progresses. Notably, the analysis is validated over real network traces.},
  keywords = {computer network security;inference mechanisms;invasive software;protocols;botnet identification;randomized DDoS attack;distributed Denial-of-Service attack;application-layer protocol;traffic pattern;formal model;inference algorithm;Dictionaries;Computer crime;Emulation;Technological innovation;Signal processing;Signal processing algorithms;Aggregates;Distributed Denial-of-Service;DDoS;Cyber-Security;Signal Processing for Network Security},
  doi = {10.1109/EUSIPCO.2016.7760651},
  issn = {2076-1465},
  month = {Aug},
  url = {https://www.eurasip.org/proceedings/eusipco/eusipco2016/papers/1570252164.pdf},
}