Title :
Augmented Attack Tree Modeling of Distributed Denial of Services and Tree Based Attack Detection Method
Author :
Wang, Jie ; Phan, Raphael C -W ; Whitley, John N. ; Parish, David J.
Author_Institution :
Dept. of Electron. & Electr. Eng., Loughborough Univ., Loughborough, UK
fDate :
June 29 2010-July 1 2010
Abstract :
Distributed Denial of Service (DDoS) is a serious computer network attack which can cause extreme performance degradation on the victim server. This paper presents a formal and methodical way of modeling DDoS attack by the method of Augmented Attack Tree (AAT), and presents an AAT-based attack detection algorithm. This modeling explicitly captures the particular subtle incidents triggered by DDoS and the corresponding state transitions from the view of the network traffic transmission on the primary victim server. Two major contributions are given in this paper: (1) an AAT-based DDoS model (ADDoSAT) is developed to assess the potential threat from the malicious packets transmission on the primary victim server and to facilitate the detection of such attacks; (2) an AAT-based bottom-up detection algorithm is proposed to detect all kinds of attacks based on AAT modeling.
Keywords :
computer network security; trees (mathematics); augmented attack tree modeling; computer network attack; distributed denial of services; malicious packets transmission; tree based attack detection method; victim server; Computer crime; Databases; Detection algorithms; Floods; Image edge detection; Pediatrics; Servers; Augmented Attack Tree; Bottom-up; DDoS; Detection Algorithm; Modeling;
Conference_Titel :
Computer and Information Technology (CIT), 2010 IEEE 10th International Conference on
Conference_Location :
Bradford
Print_ISBN :
978-1-4244-7547-6
DOI :
10.1109/CIT.2010.185
