Real-time CBR-agent with a mixture of experts in the reuse stage to classify and detect DoS attacks
Authors
Abstract
Security is a major concern when service environments are implemented. This has led to the proposal of a variety of specifications and proposals based on soft computing methods to provide the necessary security for these environments. However, most proposed approaches focus only on ensuring confidentiality and integrity, without putting forward mechanisms that ensure the availability of services and resources offered. A considerable number of attack mechanisms can lead to a web service system crash. As a result, the web service cannot allow access to authorized users. This type of attack is a so-called denial of service attack (DoS) which affects the availability of the services and resources available. This article presents a novel soft computing-based approach to cope with DoS attacks, but unlike existing solutions, our proposal takes into account the different soft computing mechanisms that can lead to a DoS attack. Our approach is based on a real-time classifier agent that incorporates a mixture of experts to choose a specific classification technique depending on the feature of the attack and the time available to solve the classification. With this scheme it is possible to divide the problem into subproblems, solving the classification of the web service requests in a more simple and effective way and always within a time bound interval. This research presents a case study to evaluate the effectiveness of the approach and also presents the preliminary results obtained with an initial prototype. © 2010 Elsevier B.V. All rights reserved.
Similar resources
CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
One of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacity for the classification of malicious codes. The agent also incorporates advanced algorithms in t...
Dwarf Frankenstein is still in your memory: tiny code reuse attacks
Code reuse attacks such as return oriented programming and jump oriented programming are the most popular exploitation methods among attackers. A large number of practical and non-practical defenses are proposed that differ in their overhead, the source code requirement, detection rate and implementation dependencies. However, a usual aspect among these methods is consideration of the common be...
F-STONE: A Fast Real-Time DDOS Attack Detection Method Using an Improved Historical Memory Management
Distributed Denial of Service (DDoS) is a common attack in recent years that can deplete the bandwidth of victim nodes by flooding packets. Based on the type and quantity of traffic used for the attack and the exploited vulnerability of the target, DDoS attacks are grouped into three categories as Volumetric attacks, Protocol attacks and Application attacks. The volumetric attack, which the pro...
Real-Time intrusion detection alert correlation and attack scenario extraction based on the prerequisite consequence approach
Alert correlation systems attempt to discover the relations among alerts produced by one or more intrusion detection systems to determine the attack scenarios and their main motivations. In this paper a new IDS alert correlation method is proposed that can be used to detect attack scenarios in real-time. The proposed method is based on a causal approach due to the strength of causal methods in ...
Image Processing to Detect and Classify Situations and States of Elderly People
Monitoring and tracking of elderly people using vision algorithms is a strategy gaining relevance to detect anomalous and potentially dangerous situations and react immediately. In general vision algorithms for monitoring and tracking are very costly and take a lot of time to respond, which is highly inconvenient since many applications can require action to be taken in real time. A multi-agen...
Journal title:
- Appl. Soft Comput.
Volume 11, Issue
Pages -
Publication date: 2011