liu.seSearch for publications in DiVA
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Crowd-based Detection of Routing Anomalies on the Internet
Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska fakulteten.
Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska fakulteten.
Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska fakulteten.
2015 (engelsk)Inngår i: Proc. IEEE Conference on Communications and Network Security (IEEE CNS), Florence, Italy, Sept. 2015., IEEE Computer Society Digital Library, 2015, s. 388-396Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

The Internet is highly susceptible to routing attacks and there is no universally deployed solution that ensures that traffic is not hijacked by third parties. Individuals or organizations wanting to protect themselves from sustained attacks must therefore typically rely on measurements and traffic monitoring to detect attacks. Motivated by the high overhead costs of continuous active measurements, we argue that passive monitoring combined with collaborative information sharing and statistics can be used to provide alerts about traffic anomalies that may require further investigation. In this paper we present and evaluate a user-centric crowd-based approach in which users passively monitor their network traffic, share information about potential anomalies, and apply combined collaborative statistics to identify potential routing anomalies. The approach uses only passively collected round-trip time (RTT) measurements, is shown to have low overhead, regardless if a central or distributed architecture is used, and provides an attractive tradeoff between attack detection rates (when there is an attack) and false alert rates (needing further investigation) under normal conditions. Our data-driven analysis using longitudinal and distributed RTT measurements also provides insights into detector selection and the relative weight that should be given to candidate detectors at different distances from the potential victim node.

sted, utgiver, år, opplag, sider
IEEE Computer Society Digital Library, 2015. s. 388-396
HSV kategori
Identifikatorer
URN: urn:nbn:se:liu:diva-129426DOI: 10.1109/CNS.2015.7346850ISI: 000380401800048ISBN: 978-1-4673-7876-5 (tryckt)OAI: oai:DiVA.org:liu-129426DiVA, id: diva2:939393
Konferanse
Proc. IEEE Conference on Communications and Network Security (IEEE CNS), Florence, Italy, Sept. 2015.
Tilgjengelig fra: 2016-06-19 Laget: 2016-06-19 Sist oppdatert: 2017-03-16

Open Access i DiVA

fulltext(375 kB)78 nedlastinger
Filinformasjon
Fil FULLTEXT01.pdfFilstørrelse 375 kBChecksum SHA-512
ccee7ebc21eb4e73a1d78221fa6b55dcbe2283dcacddb0d8def8968784c6353befb2c29a16ca32423b3c7f983956255e46b6465c48dae09cba5b137d4322ff04
Type fulltextMimetype application/pdf

Andre lenker

Forlagets fulltekst

Personposter BETA

Hiran, RahulCarlsson, NiklasShahmehri, Nahid

Søk i DiVA

Av forfatter/redaktør
Hiran, RahulCarlsson, NiklasShahmehri, Nahid
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 78 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

doi
isbn
urn-nbn

Altmetric

doi
isbn
urn-nbn
Totalt: 111 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf