Meaningful attack graph reconstruction through stochastic marking analysis

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F61989100%3A27240%2F16%3A86098026" target="_blank" >RIV/61989100:27240/16:86098026 - isvavai.cz</a>

Výsledek na webu

<a href="http://ieeexplore.ieee.org/document/7570519/" target="_blank" >http://ieeexplore.ieee.org/document/7570519/</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/SPECTS.2016.7570519" target="_blank" >10.1109/SPECTS.2016.7570519</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Meaningful attack graph reconstruction through stochastic marking analysis

Popis výsledku v původním jazyce

Nowadays, the defense against Denial of Service (DoS) attacks is receiving particular interest. Different techniques have been proposed and, in particular, the Packet Marking (PM) and TraceBack (TB) procedures demonstrated a good capacity of facing the different malicious attacks. While host-based DoS attacks are more easily traced and managed, network-based DoS attacks are a more challenging threat. The powerful point of IP TB approach is the possibility given to routers to mark and add some information on attack packets, on the basis of a fixed probability value. In this paper, we propose a possible approach for modeling the classical probabilistic PM algorithms as Markov chains, giving the possibility to obtain a closed form for the evaluation of the right number of received marked packets, in order to build a meaningful attack graph. (C) 2016 The Society for Modeling and Simulation International.

Název v anglickém jazyce

Meaningful attack graph reconstruction through stochastic marking analysis

Popis výsledku anglicky

Nowadays, the defense against Denial of Service (DoS) attacks is receiving particular interest. Different techniques have been proposed and, in particular, the Packet Marking (PM) and TraceBack (TB) procedures demonstrated a good capacity of facing the different malicious attacks. While host-based DoS attacks are more easily traced and managed, network-based DoS attacks are a more challenging threat. The powerful point of IP TB approach is the possibility given to routers to mark and add some information on attack packets, on the basis of a fixed probability value. In this paper, we propose a possible approach for modeling the classical probabilistic PM algorithms as Markov chains, giving the possibility to obtain a closed form for the evaluation of the right number of received marked packets, in order to build a meaningful attack graph. (C) 2016 The Society for Modeling and Simulation International.

Druh

D - Stať ve sborníku

CEP obor

IN - Informatika

OECD FORD obor

—

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2016

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 2016 International Symposium on Performance Evaluation of Computer and Telecommunication Systems, SPECTS 2016 - Part of SummerSim 2016 Multiconference

ISBN

978-1-5108-2423-2

ISSN

—

e-ISSN

—

Počet stran výsledku

6

Strana od-do

—

Název nakladatele

Institute of Electrical and Electronics Engineers Inc.

Místo vydání

Vienna

Místo konání akce

Montreal

Datum konání akce

24. 7. 2016

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—