Title :
Bitwise sketch for lightweight reverse IP reconstruction in network anomaly detection
Author :
Fei Wang ; Xiaofeng Wang ; Xiaofeng Hu ; Jinshu Su
Author_Institution :
Sch. of Comput., Nat. Univ. of Defense Technol., Changsha, China
Abstract :
Sketch is commonly used in network anomaly detection. However, its irreversibility seriously obstacle for identification of origin of traffic anomaly, such as attack flows. In this paper, we design a novel sketch structure, called Bitwise Sketch, with the ability of fast and lightweight reverse deduction. Bitwisebased hash function, which distributes keys (IPs) is Sketch, is adopted in bitwise sketch, instead of traditional universal hash function. We propose an IP reconstruction algorithm that can reversely infer anomalous keys (IP) from a set of anomalous buckets, with very low overhead. Simulation result shows the effectiveness of the algorithm¿s results in filtering attack traffic. Through theoretical analysis, we compare our approach with three resultant approaches, and our approach outperforms both in memory requirement and computational cost.
Keywords :
IP networks; computer network security; telecommunication traffic; bitwise sketch; computational cost; distributes keys; filtering attack traffic; lightweight reverse IP reconstruction; memory requirement; network anomaly detection; traffic anomaly; Accuracy; Computer crime; IP networks; Memory management; Noise; Reconstruction algorithms; Vectors; anomaly detection; bitwise hash function; reverse IP reconstruction;
Conference_Titel :
Mobile Adhoc and Sensor Systems (MASS), 2012 IEEE 9th International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4673-2433-5
DOI :
10.1109/MASS.2012.6708530
