Title :
Research on defending DDoS attack - an expert system approach
Author :
Zhang, Guo-Yin ; Li, Jian ; Gu, Guo-chang
Author_Institution :
Coll. of Comput. Sci. & Technol., Harbin Eng. Univ., China
Abstract :
In this paper, an expert system model is proposed to defend against DDoS attacks. In this model, prior knowledge such as access control information is first acquired from ordinary network information by our proposed access control information maintenance module. This access control information is then used as the filtering policy of the defending system when attack traffic arrives. The major contributions of this paper are: a defending system based on an expert system is proposed to solve the survival problem of DDoS completely; a characteristic analysis procedure is proposed to observe the behavior of DDoS; a filtering policy based upon the access control information, including a blacklist and an access control list, is proposed to defend against DDoS; and a trust-based maintenance module is proposed to acquire the access control information.
Keywords :
expert systems; security of data; access control information; characteristic analysis procedure; distributed denial of service; expert system model; filtering policy; intrusion detection; network security; trust-based maintenance module; Access control; Adaptive filters; Computer crime; Event detection; Expert systems; Information analysis; Information filtering; Information filters; Phase detection; Telecommunication traffic
Conference_Title :
Systems, Man and Cybernetics, 2004 IEEE International Conference on
Print_ISBN :
0-7803-8566-7
DOI :
10.1109/ICSMC.2004.1400893