淡江大學機構典藏:Item 987654321/122974
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 64178/96951 (66%)
造访人次 : 9305766      在线人数 : 242
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
    •  进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/122974


    题名: A Unified Ant Agent Framework for Solving DoS and QoS Problems
    作者: Chen, Hsia-Hsiang;Lee, Chien-Hua;Huang, Shih-Kun
    关键词: IP traceback;metaheuristic algorithm;denial of service (DoS);quality of service (QoS);probabilistic packet marking (PPM);ant system (AS);bloom filter (BF)
    日期: 2016-11
    上传时间: 2023-04-28 16:33:17 (UTC+8)
    出版者: Journal of Information Science & Engineering
    摘要: Anomalous traffic volume can be used for identifying network threats and faults. Denial of service (DoS) and quality of service (QoS) are two contrasting problems of anomalous network traffic. DoS exploits malicious traffic to hinder service availability to normal users, whereas QoS determines if the service provision quality has reached the preset agreement. This paper proposes a unified ant agent framework for identifying the source of these problems: IP traceback for DoS attacks and fault localization for QoS violations. Numerous studies have investigated IP traceback techniques for identifying spoofed IP addresses of attackers. These techniques can identify the attack path from the victim to the attacker. Metaheuristic algorithms that consider slight increments in traffic volume (SITV) are rarely studied for solving the IP traceback problem of DoS attacks. We investigated the malicious and nonmalicious situations for the QoS attack and QoS fault localization problem. This paper proposes a novel ant colony optimization (ACO) method for fast filtering, DoS threat source identification, and QoS fault localization (unified threat identification and fault localization by using ACO, UTFACO). The UTFACO framework was compared with the probabilistic packet marking approach and conventional ant system algorithms. We com- pared the efficiency of UTFACO with and without a bloom filter (BF). The framework was verified in the QoS attack and QoS fault experiment environments. This study showed that attack or fault detection and identification procedures can be designed and implemented practically. The tests used the dataset of the network topology from the DARPA repository with two cases: one is a general experiment, and the other has various levels of SITV. Perfect accuracy can be achieved for the general experiment, and more than 90% accuracy can be obtained for various levels of SITV. The datasets of the QoS attack and QoS fault were obtained from a real network. Precise fault localization is achieved due to the high detection rate obtained. The results show that UTFACO is an efficient and accurate framework. Moreover, the computation time is considerably reduced by using UTFACO with the BF, and the time is less than five seconds in the framework. Our proposed frame- work is robust and can solve the problem of identifying the IP address of an attacker and detecting the fault location.
    關聯: Journal of Information Science and Engineering 32(6), p.1397-1434
    显示于类别:[資訊工程學系暨研究所] 期刊論文

    文件中的档案:

    档案 大小格式浏览次数
    index.html0KbHTML105检视/开启

    在機構典藏中所有的数据项都受到原著作权保护.

    TAIR相关文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回馈