東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Internet security and quality-of-ser...

Park, Junghun.

Linked to FindBook

Google Book

Amazon

博客來

Internet security and quality-of-service provision via machine-learning theory.

Record Type:	Language materials, printed : Monograph/item
Title/Author:	Internet security and quality-of-service provision via machine-learning theory./
Author:	Park, Junghun.
Description:	126 p.
Notes:	Adviser: C.-C. Jay Kuo.
Contained By:	Dissertation Abstracts International67-10B.
Subject:	Computer Science. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3237707
ISBN:	9780542924231

Internet security and quality-of-service provision via machine-learning theory.
Park, Junghun.

Internet security and quality-of-service provision via machine-learning theory. - 126 p.

Adviser: C.-C. Jay Kuo.

Thesis (Ph.D.)--University of Southern California, 2006.

To detect DoS (Denial-of-Service) attacks, two mechanisms based on traffic pattern monitoring using HMMs (Hidden Markov Model) and multiple Markov models are proposed in this research. To effectively design a detector against the TCP SYN flooding attack, we first analyze the dynamic behavior of real world attacks and then propose a stateful HMM detector to achieve early detection with high accuracy. Multiple HMMs can achieve the advantages of misuse detection and anomaly detection by training them differently. With the stateful mechanism, the impact of background noise due to the protocol behavior can be mitigated. We compare the proposed HMM detector with the stateless Cumulative Sum (CUSUM) and the stateful CUSUM detector using trace-driven simulations. Simulation results show that the proposed HMM detector provides earlier detection time and a higher detection rate under the same false alarm rate.

ISBN: 9780542924231Subjects--Topical Terms:

626642
Computer Science.

Internet security and quality-of-service provision via machine-learning theory.
LDR:03104nam 2200301 a 45 001 967183
005 20110915
008 110915s2006 eng d
020 $a 9780542924231
035 $a (UnM)AAI3237707
035 $a AAI3237707
040 $a UnM $c UnM
100 1 $a Park, Junghun. $3 1291068
245 1 0 $a Internet security and quality-of-service provision via machine-learning theory.
300 $a 126 p.
500 $a Adviser: C.-C. Jay Kuo.
500 $a Source: Dissertation Abstracts International, Volume: 67-10, Section: B, page: 5958.
502 $a Thesis (Ph.D.)--University of Southern California, 2006.
520 $a To detect DoS (Denial-of-Service) attacks, two mechanisms based on traffic pattern monitoring using HMMs (Hidden Markov Model) and multiple Markov models are proposed in this research. To effectively design a detector against the TCP SYN flooding attack, we first analyze the dynamic behavior of real world attacks and then propose a stateful HMM detector to achieve early detection with high accuracy. Multiple HMMs can achieve the advantages of misuse detection and anomaly detection by training them differently. With the stateful mechanism, the impact of background noise due to the protocol behavior can be mitigated. We compare the proposed HMM detector with the stateless Cumulative Sum (CUSUM) and the stateful CUSUM detector using trace-driven simulations. Simulation results show that the proposed HMM detector provides earlier detection time and a higher detection rate under the same false alarm rate.
520 $a Furthermore, we develop a detector using multiple Markov models to detect the UDP flooding attack in wireless networks. The high-rate attack using UDP can be detected easily since there are few legitimate users using UDP in the network. However, it is difficult to detect subtle UDP flooding attacks since there are many UDP-based applications with a dynamic traffic rate. A Markov model is used to characterize the traffic pattern. Multiple Markov models are trained with normal traffic and some deviations from the normal traffic, and they are integrated into a single detector. The proposed detector is compared with the batch-sequential detection algorithm in terms of the false alarm rate and detection latency.
520 $a Finally, to support various Internet services such as QoS, security, and accounting, the Internet traffic classification problem is studied. The proposed classification process consists of two steps: feature selection and classification. Candidate features that can be easily obtained by ISPs are considered. Then, we perform feature reduction to balance the performance and complexity. Decision trees are adopted as classifiers. It is demonstrated by simulations with real data that the proposed classification scheme outperforms existing techniques.
590 $a School code: 0208.
650 4 $a Computer Science. $3 626642
650 4 $a Engineering, Electronics and Electrical. $3 626636
690 $a 0544
690 $a 0984
710 2 0 $a University of Southern California. $3 700129
773 0 $t Dissertation Abstracts International $g 67-10B.
790 $a 0208
790 1 0 $a Kuo, C.-C. Jay, $e advisor
791 $a Ph.D.
792 $a 2006
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3237707