Abstract
In the paper, the problem of determination of the moment of intrusion into a computing system and subsequent change of the service protocol for the input stream of tasks is considered. To determine the moment of the intrusion, a method of cumulative sums is used. Analytical expressions for the method characteristics in the case of the Bernoulli distribution are given. A service protocol to separate tasks generated as a result of the intrusion from the general input stream of tasks is proposed.
Similar content being viewed by others
References
Page, E.S., Continuous inspection schemes, Biometrika, 1954, vol. 41, pp. 100–114.
Shiryaev, A.N., Minimax optimality of the method of cumulative sums (CUSUM) in the case of continuous time, Usp. Mat. Nauk, 1996, vol. 51, no. 4, pp. 173–174.
Lucas, J.M. and Crosier, R.B., Fast initial response for CUSUM quality control schemes: give your CUSUM a head start, Technometrics, 1982, pp. 199–205.
Gan, F.F., Exact run length distributions for one-sided exponential CUSUM schemes, Statistica Sinica, 1992, vol. 2, no. 1, pp. 297–312.
Busaba, J., Sukparungsee, S., Areepong, Y., and Mititelu, G., Analysis of average run length for CUSUM procedure with negative exponential data, Chiang Mai J. Sci., 2012, vol. 39, no. 2, pp. 200–208.
Vardeman, S. and Ray, D., Average run lengths for CUSUM schemes when observations are exponentially distributed, Technometrics, 1985, vol. 27, no. 2, pp. 145–150.
Mazalov, V.V. and Zhuravlev, D.N., A method of cumulative sums in the problem of detection of traffic changes in computer networks, Program. Comput. Software, 2002, vol. 28, no. 6, pp. 342–348.
Loukas, G. and Oke, G., Protection against denial of service attacks: a survey, Comput. J., 2010, vol. 53, no. 7, pp. 1020–1037.
Jain, P., Jain, J., and Gupta, Z., Mitigation of denial of service (DoS) attack, IJCEM Int. J. Computational Eng. Management, 2011, vol. 11, pp. 38–44.
Hashmi, M.J., Saxena, M., and Saini, R., Classification of DDoS attacks and their defense techniques using intrusion prevention system, Int. J. Comput. Sci. Commun. Networks, 2012, vol. 2, no. 5, pp. 607–614.
Author information
Authors and Affiliations
Corresponding author
Additional information
Original Russian Text © V.V. Mazalov, N.N. Nikitina, 2014, published in Programmirovanie, 2014, Vol. 40, No. 6.
Rights and permissions
About this article
Cite this article
Mazalov, V.V., Nikitina, N.N. A CUSUM method to detect and counteract intrusions. Program Comput Soft 40, 337–345 (2014). https://doi.org/10.1134/S0361768814060164
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1134/S0361768814060164