An Intrusion Surveillance System to Detect IRC-based DDoS Attacks

Author

Xiang, Yang ; Zhou, Wanlei

Author_Institution

Sch. of Eng. & Inf. Technol., Deakin Univ.

fYear

2006

fDate

Aug. 2006

Firstpage

65

Lastpage

65

Abstract

Distributed denial of service (DDoS) attacks has been a serious threat on security of the current Internet. Recently there is a trend that many DDoS attacks utilize Internet relay chat (IRC) infrastructures as the communication channels. In this paper we propose an intrusion surveillance system (ISS) to detect IRC-based DDoS attacks. The main functions of ISS are to observe network conditions, gather intelligence from distributed sources, and determine what potential attacks will likely happen. We give the detailed design of ISS in this paper. We also implement this system by using a new approach of text-based decision making - distributed preference-based surveillance (DPBS) algorithm. By experiments we demonstrate that this distributed algorithm can effectively identify potential IRC-based DDoS attacks based on the information from different locations

Keywords

Internet; computer crime; distributed algorithms; electronic messaging; surveillance; IRC-based DDoS attacks; Internet relay chat infrastructures; communication channels; distributed algorithm; distributed denial of service attacks; distributed preference-based surveillance algorithm; intrusion surveillance system; text-based decision making; Communication channels; Communication system security; Computer crime; Decision making; Distributed algorithms; Intelligent networks; Intrusion detection; Relays; Surveillance; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

Computing in the Global Information Technology, 2006. ICCGI '06. International Multi-Conference on

Conference_Location

Bucharest

Print_ISBN

0-7695-2690-X

Electronic_ISBN

0-7695-2690-X

Type

conf

DOI

10.1109/ICCGI.2006.11

Filename

4124084