Title :
PRBS/EWMA based model for predicting burst attacks (Brute Froce, DoS) in computer networks
Author :
Silva, Alonso ; Pontes, Elvis ; Fen Zhou ; Guelf, Adilson ; Kofuji, Sergio
Author_Institution :
Univ. Paulista, Sao Paulo, Brazil
fDate :
Sept. 29 2014-Oct. 1 2014
Abstract :
Burst attacks (e.g. Brute Force, DoS, DDoS, etc) have become a great concern for the today´s computer networks, causing millions of losses to the society. Even though the detection of burst attacks is widely investigated, there is a gap in the academic literature regarding the predicting models for anticipating such security issue. As the frequency of bursts depends on the behavior of the attackers, it is hard to determine the exact moment when a burst starts. In this paper we propose a new model for aggregating peaks of a burst - specifically for the brute force attack - at a single point called One Point Analysis (OPA). We applied the OPA technique in a prototype, so the beginning of each burst was predicted by the use of (a) Pseudo-Random Binary Sequences (PRBS), and (b) Exponential Weighted Moving Averages (EWMA). For evaluating the results, the OPA was compared to other techniques by two indicators, and it was possible coming to a conclusion regarding the OPA effectiveness.
Keywords :
binary sequences; computer network security; moving average processes; random sequences; DDoS; EWMA based model; OPA technique; PRBS based model; brute force attack; burst attack prediction; computer network security issue; exponential weighted moving averages; one point analysis; pseudorandom binary sequences; Computers; Delays; Force; Forecasting; Market research; Predictive models; Prototypes; EWMA; brute force attack; burst attacks; cyber-attack forecasting; prediction model;
Conference_Titel :
Digital Information Management (ICDIM), 2014 Ninth International Conference on
Conference_Location :
Phitsanulok
DOI :
10.1109/ICDIM.2014.6991410
