Research on defending DDoS attack - an expert system approach

Author

Zhang, Guo-Yin ; Li, Jian ; Gu, Guo-chang

Author_Institution

Coll. of Comput. Sci. & Technol., Harbin Eng. Univ., China

Volume

4

fYear

2004

fDate

10-13 Oct. 2004

Firstpage

3554

Abstract

In this paper, an expert system model is proposed to defend DDoS attacks. In this model, the prior knowledge such as access control information is acquired from the ordinary network information by our proposed access control information maintenance module firstly. These access control information are then used to be the filtering policy of the defending system when the attack traffic is coming. The major contributions in this paper are: the defending system based on expert system is proposed to solve the survival problem of DDoS completely. The characteristic analysis procedure is proposed to observe the behavior of DDoS. The filtering policy based upon the access control information including blacklist and access control list is proposed to defend DDoS. The trust-based maintenance module is proposed to acquire the access control information.

Keywords

expert systems; security of data; access control information; characteristic analysis procedure; distribute denial of service; expert system model; filtering policy; intrusion detection; network security; trust-based maintenance module; Access control; Adaptive filters; Computer crime; Event detection; Expert systems; Information analysis; Information filtering; Information filters; Phase detection; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Systems, Man and Cybernetics, 2004 IEEE International Conference on

ISSN

1062-922X

Print_ISBN

0-7803-8566-7

Type

conf

DOI

10.1109/ICSMC.2004.1400893

Filename

1400893