Distack -- A Framework for Anomaly-Based Large-Scale Attack Detection

Author

Gamer, Thomas ; Mayer, Christoph P. ; Zitterbart, Martina

Author_Institution

Inst. of Telematics, Univ. Karlsruhe, Karlsruhe

fYear

2008

fDate

25-31 Aug. 2008

Firstpage

34

Lastpage

40

Abstract

Distributed denial-of-service attacks pose unpredictable threats to the Internet infrastructure and Internet-based business. Thus, many attack detection systems and anomaly detection methods were developed in the past. A realistic evaluation of these mechanisms and comparable results, however, are impossible up to now. Furthermore, an adaptation to new situations or an extension of existing systems in most cases is complex and time-consuming. Therefore, we developed a framework for attack detection which allows for an integration of various detection methods as lightweight modules. These modules can be combined easily and arbitrarily and thus, adapted to varying situations. Additionally, our framework can be applied in different runtime environments transparently. This enables an easy evaluation with meaningful and comparable results based on realistic large-scale scenarios, e.g. by using a network simulator.

Keywords

Internet; security of data; Distack; Internet; anomaly detection; anomaly-based large-scale attack detection; distributed denial-of-service attacks; Availability; Communication networks; Computer crime; Electronic commerce; Information security; Internet; Large-scale systems; Runtime environment; Social network services; Telematics; Attack Detection; Security Framework;

fLanguage

English

Publisher

ieee

Conference_Titel

Emerging Security Information, Systems and Technologies, 2008. SECURWARE '08. Second International Conference on

Conference_Location

Cap Esterel

Print_ISBN

978-0-7695-3329-2

Electronic_ISBN

978-0-7695-3329-2

Type

conf

DOI

10.1109/SECURWARE.2008.8

Filename

4622558