Title :
A Bitmap-Based Algorithm for Detecting Stealthy Superpoints
Author :
Zhimin Li ; Weijiang Liu ; Zhiyang Li ; Jingxia Sun
Author_Institution :
Coll. of Inf. Sci. & Technol., Dalian Maritime Univ., Dalian, China
Abstract :
The host cardinality refers to the number of different peers that an Internet host communicates with. Stealthy superpoint is a host that its cardinality is between two thresholds during a measurement period. Detecting stealthy superpoints helps intrusion systems identify potential attackers. However, stealthy superpoints may perform scanning deliberately at a low rate, and they can easily evade the detection. The existing algorithm can not directly be used to detect them. This paper proposes an algorithm based on Bitmap which can detect stealthy superpoints. The algorithm includes online module and offline module. The online module consists of two submodules. One uses a bloom filter to filter the duplicate packets and store the source addresses. The other uses two-dimensional bit arrays to process packets. The offline estimates the cardinality. The theoretical analysis and experimental results show that our algorithm can precisely detect stealthy superpoints and estimate their cardinalities.
Keywords :
Internet; computer crime; computer network security; peer-to-peer computing; Bloom filter; Internet host; attackers identification; bitmap-based algorithm; duplicate packets; host cardinality; intrusion systems; offline module; online module; peers; process packets; source addresses; stealthy superpoint detection; two-dimensional bit arrays; Accuracy; Algorithm design and analysis; Arrays; Estimation; Indexes; Internet; Bitmap; Stealthy superpoints; host cardinality;
Conference_Titel :
Dependable, Autonomic and Secure Computing (DASC), 2014 IEEE 12th International Conference on
Conference_Location :
Dalian
Print_ISBN :
978-1-4799-5078-2
DOI :
10.1109/DASC.2014.66
