Characteristics Extraction and Detection of RoQ Attack
DOI:
Author:
Affiliation:

Clc Number:

Fund Project:

  • Article
  • |
  • Figures
  • |
  • Metrics
  • |
  • Reference
  • |
  • Related
  • |
  • Cited by
  • |
  • Materials
  • |
  • Comments
    Abstract:

    Reduction of quality (RoQ) attack is an atypical denial of service (DoS) attack, which has a strong concealment. Consequently, most traditional methods of detection are no longer applicable. There are a number of new methods developed recently. However, most of these methods have higher false positive rate in varying degree. In this paper, a novel method is proposed based on the principle of time-frequency analysis with Wavelet multi-resolution and Cepstral technique. First, according to different time-domain characteristics, the potential anomaly is detected and the abrupt change point is located. Secondly, the local traffic around the abrupt change point is analyzed by cepstrum. The potential characteristics of attack periodicity is extracted. By the two-stage detection, this new method ultimately can confirm whether the network is affected by the attack. Results of simulations and real network experiments demonstrate that the presented algorithm can detect RoQ attacks accurately with very low false positive rate and false negative rate.

    Reference
    Related
    Cited by
Get Citation

文坤,杨家海,李晨曦,程凤娟,尹辉. RoQ攻击的特征提取和检测.软件学报,2015,26(S2):90-99

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:May 02,2014
  • Revised:August 22,2014
  • Adopted:
  • Online: January 11,2016
  • Published:
You are the firstVisitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063