Automated signature extraction for high volume attacks

Yehuda Afek; Anat Bremler-Barr; Shir Landau Feibish

doi:10.1109/ANCS.2013.6665197

2013 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS)

Automated signature extraction for high volume attacks

Year: 2013, Pages: 147-156

DOI Bookmark: 10.1109/ANCS.2013.6665197

Authors

Yehuda Afek, Blavatnik School of Computer Sciences, Tel Aviv University, Israel
Anat Bremler-Barr, Computer Science Dept., Interdisciplinary Center, Herzliya, Israel
Shir Landau Feibish, Blavatnik School of Computer Sciences, Tel Aviv University, Israel

Abstract

We present a basic tool for zero day attack signature extraction. Given two large sets of messages, P of messages captured in the network at peacetime (i.e., mostly legitimate traffic) and A captured during attack time (i.e., contains many attack messages), we present a tool for extracting a set S of strings, that are frequently found in A and not in P. Therefore, a packet containing one of the strings from S is likely to be an attack packet.

Like what you’re reading?

Already a member?

Get this article FREE with a new membership!

Hop-by-Hop cooperative detection of selective forwarding attacks in energy harvesting wireless sensor networks
2015 International Conference on Computing, Networking and Communications (ICNC)
Detection and Prevention of Distributed Denial of Service Attacks in VANETs
2016 International Conference on Computational Science and Computational Intelligence (CSCI)
A feasible method to combat against DDoS attack in SDN network
2015 International Conference on Information Networking (ICOIN)
An Entropy-Based Distributed DDoS Detection Mechanism in Software-Defined Networking
2015 IEEE Trustcom/BigDataSE/ISPA
Low-Rate Denial-of-Service Attacks against HTTP/2 Services
2015 5th International Conference on IT Convergence and Security (ICITCS)
Towards Increasing the Error Handling Time Window in Large-Scale Distributed Systems Using Console and Resource Usage Logs
2015 IEEE Trustcom/BigDataSE/ISPA
Heuristics for Detecting Botnet Coordinated Attacks
2010 International Conference on Availability, Reliability and Security
Epilepsy, a Cyberattack on Brains’ Networked Control System
2016 15th IEEE International Conference on Machine Learning and Applications (ICMLA)
Automatic Discovery of Software Attacks via Backward Reasoning
2015 IEEE/ACM 1st International Workshop on Software Protection (SPRO)
Zero-Day Signature Extraction for High-Volume Attacks
IEEE/ACM Transactions on Networking

Automated signature extraction for high volume attacks

Authors

Abstract

Related Articles