- Title:
- On Implementation of Efficient Inline DDoS Detector Based on AATAC Algorithm
- Authors:
-
Wiśniewski, Piotr
Sosnowski, Maciej
Burakowski, Wojciech
- Links:
- https://bibliotekanauki.pl/articles/2200718.pdf
- Publication date:
- 2022
- Publisher:
- Polska Akademia Nauk. Czytelnia Czasopism PAN
- Subjects:
-
DDoS
Distributed Denial of Service
traffic anomaly detection
AATAC
performance
DPDK
- Description:
- Distributed Denial of Service (DDoS) attacks constitute a major threat in the current Internet. These cyber-attacks aim to flood the target system with tailored malicious network traffic overwhelming its service capacity and consequently severely limiting legitimate users from using the service. This paper builds on the state-of-the-art AATAC algorithm (Autonomous Algorithm for Traffic Anomaly Detection) and provides a concept of a dedicated inline DDoS detector capable of real-time monitoring of network traffic and near-real-time anomaly detection. The inline DDoS detector consists of two main elements: 1) inline probe(s) responsible for link-rate real-time processing and monitoring of network traffic with custom-built packet feature counters, and 2) an analyser that performs the near-real-time statistical analysis of these counters for anomaly detection. These elements communicate asynchronously via the Redis database, facilitating a wide range of deployment scenarios. The inline probes are based on COTS servers and utilise the DPDK framework (Data Plane Development Kit) and parallel packet processing on multiple CPU cores to achieve link rate traffic analysis, including tailored DPI analysis.
- Source:
-
International Journal of Electronics and Telecommunications; 2022, 68, 4; 889--898
2300-1933
- Appears in:
- International Journal of Electronics and Telecommunications
- Content provider:
- Biblioteka Nauki