Abstract
Recently, as traffic flooding attacks such as DoS/DDoS and Internet Worm have posed devastating threats to network services, rapid detection and proper response mechanisms are the major concern for secure and reliable network services. However, most of the current Intrusion Detection Systems (IDSs) focus on detail analysis of packet data, which results in late detection and a high system burden to cope with high-speed network traffic. In this paper we propose an SNMP-based lightweight and fast detection algorithm for traffic flooding attacks, which minimizes the processing and network overhead of the detection system, minimizes the detection time, and provides high detection rate.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Moore, D., Voelker, G., Savage, S.: Inferring Internet Denial-of-Service Activity. In: Proc. of the Usenix Security Symposium, Washington, D.C, pp. 401–414 (2001)
Duarte Jr., E., dos Santos, A.L.: Network Fault Management Based on SNMP Agent Groups. In: Proc. of ICDCSW, p. 51 (2001)
Yoo, D.-S., Oh, C.-S.: Traffic Gathering and Analysis Algorithm for Attack Detection. In: KoCon 2004 Spring Integrated conference, vol. 4, pp. 33–43 (2004)
IETF RFC 1213. Management Information Base for Network Management of TCP/Ip-Based Internets: MIB-II, http://www.rfc-editor.org/rfc/rfc1213.txt
Distributed Denial of Service (DDoS) Attacks/tools, http://staff.washington.edu
Li, J.: Constantine Manikopoulos.: Early Statistical Anomaly Intrusion Detection of DoS Attacks Using MIB Traffic Parameters. In: Proc. of the IEEE WIA, pp. 53–59 (2003)
GasparyL, P., Sanchez, R.N., Antunes, D.W., Meneghetti, E.: A SNMP-based platform for distributed stateful intrusion detection in enterprise network. IEEE Journal on Selected Areas in Communications 23, 1973–1982 (2005)
Cabrera, J.B.D., Lewis, L., Qin, X., Lee, W., Prasanth, R.K., Ravichandran, B., Mehra, R.K.: Proactive detection of distributed denial of service attacks using MIB traffic variables-a feasibility study. In: IEEE/IFIP International Symposium, pp. 606–622 (2002)
Xue, Q., Guo, L.-L., Sun, J.-Z.: The design of a distributed network intrusion detection system IA-NIDS. In: International Conference on Machine Learning and Cybernetics 2003, vol. 4, pp. 2305–2308 (2003)
Carlsson, P., Fiedler, M., Tutschku, K., Chevul, S., Nilsson, A.A.: Obtaining Reliable Bit Rate measurements in SNMP-Managed Networks: ITC Specialist Seminar, Würzburg, pp. 114–123 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Park, JS., Kim, MS. (2008). Design and Implementation of an SNMP-Based Traffic Flooding Attack Detection System. In: Ma, Y., Choi, D., Ata, S. (eds) Challenges for Next Generation Network Operations and Service Management. APNOMS 2008. Lecture Notes in Computer Science, vol 5297. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88623-5_39
Download citation
DOI: https://doi.org/10.1007/978-3-540-88623-5_39
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88622-8
Online ISBN: 978-3-540-88623-5
eBook Packages: Computer ScienceComputer Science (R0)