Title :
DDoS attack forecasting system architecture using Honeynet
Author :
Kwon, Dongwoo ; Hong, James Won-Ki ; Ju, Hongtaek
Author_Institution :
Div. of IT Convergence Eng., Pohang Univ. of Sci. & Technol. (POSTECH), Pohang, South Korea
Abstract :
This paper proposes a proactive security system to forecast Distributed Denial of Service (DDoS) attacks. A reactive system focused on detection after network attacks occur has difficulties responding rapidly to massive distributed attacks, such as DDoS. By forecasting the attack, we can take active countermeasures such as strengthening the power of the security devices and it would also enable us to plan a recovery procedure and countermeasures beforehand, providing a more rapid response. In this paper, we discuss previous studies related to intrusion forecasting, define the concept of intrusion forecasting and propose the Internet Intrusion Forecasting System Architecture. To obtain intrusion factors for DDoS attack forecasts, Honeynet was deployed and we analyze Hflow data gathered from Honeynet.
Keywords :
Internet; computer network security; DDoS attack forecasting system architecture; Hflow data; Honeynet; Internet intrusion forecasting system architecture; distributed attacks; distributed denial of service attacks; network attacks; proactive security system; reactive system; recovery procedure; Computer crime; Educational institutions; Forecasting; Hidden Markov models; Internet; DDoS; Honeynet; Intrusion Forecasting; Proactive Network Security;
Conference_Titel :
Network Operations and Management Symposium (APNOMS), 2012 14th Asia-Pacific
Conference_Location :
Seoul
Print_ISBN :
978-1-4673-4494-4
Electronic_ISBN :
978-1-4673-4495-1
DOI :
10.1109/APNOMS.2012.6356055
