Holt-Winters Estimation for Attack Detection in WAN Networks

Sidney C. de Lucena, Alex Soares de Moura

Attacks against networks and their services are a permanent concern for Internet service providers. Several methods for detecting malicious traffic in WANs have been researched in recent years. This article evaluates a method based on the Holt-Winters forecasting algorithm to check for significant changes in the patterns of IP addresses and port numbers, which are normally affected in the presence of attacks. This work also proposes and evaluates the use of filters to increase the effectiveness of the method for the detection of attacks. Results confirm the usefulness of this proposal for detecting malicious traffic related to a TCP SYN flood attack and to the propagation of the Slammer worm, both applied to real traffic samples from RNP's WAN backbone.
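
To illustrate the kind of detection the abstract describes, the following added example (not the authors' code) runs additive Holt-Winters forecasting with a smoothed-deviation confidence band over a per-interval traffic metric and flags intervals that leave the band. The metric (distinct destination addresses per interval), the constructed series, the smoothing parameters, the `min_dev` floor and the choice not to learn from flagged intervals are all assumptions of this sketch.

```python
import math

def holt_winters_anomalies(y, m, alpha=0.2, beta=0.05, gamma=0.2,
                           delta=3.0, min_dev=50.0):
    """Return indices where y leaves the Holt-Winters confidence band.

    y: per-interval metric, m: season length in intervals.
    delta scales the band; min_dev (hypothetical floor) keeps the band
    from collapsing when recent errors were tiny.
    """
    # Initialise level, trend and seasonal terms from the first two seasons.
    level = sum(y[:m]) / m
    trend = (sum(y[m:2 * m]) / m - level) / m
    season = [y[i] - level for i in range(m)]
    dev = [0.0] * m                      # smoothed |error| per seasonal slot
    flagged = []
    for t in range(m, len(y)):
        s = t % m
        forecast = level + trend + season[s]
        err = y[t] - forecast
        band = delta * max(dev[s], min_dev)
        # The first two seasons are warm-up: update the model, flag nothing.
        if t >= 2 * m and abs(err) > band:
            flagged.append(t)
            level += trend               # roll forward, do not learn from it
            continue
        # Error-correction form of the additive Holt-Winters updates.
        level += trend + alpha * err
        trend += alpha * beta * err
        season[s] += gamma * (1 - alpha) * err
        dev[s] = gamma * abs(err) + (1 - gamma) * dev[s]
    return flagged

def constructed_series(n=168, m=24, attack=range(100, 103)):
    """Constructed data: distinct destination addresses seen per interval."""
    out = []
    for t in range(n):
        base = 1000 + 300 * math.sin(2 * math.pi * t / m)   # daily cycle
        jitter = ((t * 37) % 11 - 5) * 2                    # deterministic noise, +/-10
        out.append(base + jitter + (2000 if t in attack else 0))
    return out

if __name__ == "__main__":
    print(holt_winters_anomalies(constructed_series(), m=24))
```

Because flagged intervals are excluded from the model updates, a short burst does not distort the forecasts that follow it; the trade-off is that a lasting legitimate shift in traffic keeps being flagged until the model is re-initialised.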

