-
- TAKAHASHI Akinori
- Department of Computer Science and Engineering, Akita University
-
- IGARASHI Ryuji
- Department of Computer Science and Engineering, Akita University
-
- UEDA Hiroshi
- Library and Information Technology Center, Gunma University
-
- IWAYA Yukio
- Research Institute of Electrical Communication, Tohoku University
-
- KINOSHITA Tetsuo
- Graduate School of Information Sciences, Tohoku University
抄録
A method is proposed in this paper to detect attack traffic or anomaly by utilizing an R/S analysis. Our study so far indicates that a LS(Level Shift) or a Cycle superimposed on a discrete time series provides a dispersion in the R/S pox diagram. The LS is well expressed by both HSup and HInf, the slope of the upper- and the lower-most plots group of the pox diagram. By utilizing them as the indices of the anomaly traffic, the validity of our proposal is tested at first by a Bernoulli trial simulation and then with the traffic data of "1999 DARPA Intrusion Detection Evaluation Data Set". Tested attacks are TCP SYN Flood, UDP Storm, and Smurf and our investigations showed that HInf may become a promising parameter for the detection of flooding attacks.
収録刊行物
-
- International Journal of the Society of Materials Engineering for Resources
-
International Journal of the Society of Materials Engineering for Resources 17 (2), 186-192, 2010
日本素材物性学会
- Tweet
詳細情報 詳細情報について
-
- CRID
- 1390282680174870784
-
- NII論文ID
- 130002146387
-
- ISSN
- 18846629
- 13479725
-
- 本文言語コード
- en
-
- データソース種別
-
- JaLC
- Crossref
- CiNii Articles
- KAKEN
-
- 抄録ライセンスフラグ
- 使用不可