{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,8,2]],"date-time":"2024-08-02T00:16:22Z","timestamp":1722557782171},"reference-count":67,"publisher":"Wiley","issue":"6","license":[{"start":{"date-parts":[[2021,4,12]],"date-time":"2021-04-12T00:00:00Z","timestamp":1618185600000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/onlinelibrary.wiley.com\/termsAndConditions#vor"}],"content-domain":{"domain":["onlinelibrary.wiley.com"],"crossmark-restriction":true},"short-container-title":["Int J Network Mgmt"],"published-print":{"date-parts":[[2021,11]]},"abstract":"Summary: With the rapid growth of security threats in computer networks, the need for developing efficient security\u2010warning systems is substantially increasing. Distributed denial\u2010of\u2010service (DDoS) and DoS attacks are still among the most effective and dreadful attacks that require robust detection. In this work, we propose a new method to detect TCP DoS\/DDoS attacks. Since analyzing network traffic is a promising approach, our proposed method utilizes network traffic by decomposing the TCP traffic into control and data planes and exploiting the dynamic time warping (DTW) algorithm for aligning these two planes with respect to the minimum Euclidean distance. By demonstrating that the distance between the control and data planes is considerably small for benign traffic, we exploit this characteristic for detecting attacks as outliers. An adaptive thresholding scheme is implemented by adjusting the value of the threshold in accordance with the local statistics of the median absolute deviation (MAD) of the distances between the two planes. 
We demonstrate the efficacy of the proposed method for detecting DoS\/DDoS attacks by analyzing traffic data obtained from publicly available datasets.","DOI":"10.1002\/nem.2159","type":"journal-article","created":{"date-parts":[[2021,4,12]],"date-time":"2021-04-12T13:38:49Z","timestamp":1618234729000},"update-policy":"http:\/\/dx.doi.org\/10.1002\/crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Denial of service detection using dynamic time warping"],"prefix":"10.1002","volume":"31","author":[{"ORCID":"http:\/\/orcid.org\/0000-0003-1904-2238","authenticated-orcid":false,"given":"Diab M.","family":"Diab","sequence":"first","affiliation":[{"name":"Department of Computer Science King Saud University Riyadh Saudi Arabia"},{"name":"Department of Computer Science King Saud University Riyadh 11421 Saudi Arabia"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-8074-0433","authenticated-orcid":false,"given":"Basil","family":"AsSadhan","sequence":"additional","affiliation":[{"name":"Department of Electrical Engineering King Saud University Riyadh Saudi Arabia"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-0886-6314","authenticated-orcid":false,"given":"Hamad","family":"Binsalleeh","sequence":"additional","affiliation":[{"name":"Department of Computer Science Imam Mohammad Ibn Saud Islamic University Riyadh Saudi Arabia"}]},{"given":"Sangarapillai","family":"Lambotharan","sequence":"additional","affiliation":[{"name":"Wolfson School of Mechanical, Electrical and Manufacturing Engineering Loughborough University Loughborough UK"}]},{"given":"Konstantinos G.","family":"Kyriakopoulos","sequence":"additional","affiliation":[{"name":"Wolfson School of Mechanical, Electrical and Manufacturing Engineering Loughborough University Loughborough UK"}]},{"given":"Ibrahim","family":"Ghafir","sequence":"additional","affiliation":[{"name":"Department of Computer Science University of Bradford Bradford 
UK"}]}],"member":"311","published-online":{"date-parts":[[2021,4,12]]},"reference":[{"key":"e_1_2_10_2_1","unstructured":"O'GormanB WueestC O'BrienD ClearyG LauH PowerJ\u2010P CorpinM CoxO WoodP WallaceS.Internet Security Threat Report (ISTR) 2019 | Symantec. Symantec;2019."},{"key":"e_1_2_10_3_1","unstructured":"CastelliC GabrielB YatesJ BoothP.Strengthening digital society against cyber shocks \u2010 Key findings from The Global State of Information Security Survey. PwC;2018."},{"key":"e_1_2_10_4_1","unstructured":"WoodP NahorneyB ChandrasekarK HaleyK WallaceS.Internet Security Threat Report. Symantec Corporation;2016."},{"key":"e_1_2_10_5_1","doi-asserted-by":"crossref","unstructured":"MorganAP CafeoJA GibbonsDI LesperanceRM SengirGH SimonAM.Cbr for dimensional management in a manufacturing plant. In: Case\u2010Based Reasoning Research and DevelopmentAhaDW WatsonI eds.Springer Berlin Heidelberg;2001;Berlin Heidelberg:597\u2010610.","DOI":"10.1007\/3-540-44593-5_42"},{"key":"e_1_2_10_6_1","doi-asserted-by":"crossref","unstructured":"GhafirI PrenosilV.DNS traffic analysis for malicious domains detection. In: 2nd International Conference on Signal Processing and Integrated Networks SPIN 2015.Institute of Electrical and Electronics Engineers Inc.;2015:613\u2010618.","DOI":"10.1109\/SPIN.2015.7095337"},{"key":"e_1_2_10_7_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2011.05.008"},{"key":"e_1_2_10_8_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2012.01.016"},{"key":"e_1_2_10_9_1","doi-asserted-by":"crossref","unstructured":"DiabDM AsSadhanB BinsalleehH LambotharanS KyriakopoulosKG GhafirI.Anomaly detection using dynamic time warping. 
In: 2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC).IEEE;2019:193\u2010198.","DOI":"10.1109\/CSE\/EUC.2019.00045"},{"key":"e_1_2_10_10_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jare.2013.11.005"},{"key":"e_1_2_10_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11042-020-08653-8"},{"key":"e_1_2_10_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2689001"},{"key":"e_1_2_10_13_1","doi-asserted-by":"crossref","unstructured":"LakhinaA CrovellaM DiotC.Characterization of network\u2010wide anomalies in traffic flows. In: Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement.Association for Computing Machinery;2004;New York NY USA:201\u2010206.","DOI":"10.1145\/1028788.1028813"},{"issue":"1","key":"e_1_2_10_14_1","first-page":"65","article-title":"Primary pulmonary amyloidosis associated with multiple myeloma","volume":"54","author":"Ege E","year":"2006","journal-title":"Tuberkuloz ve Toraks"},{"key":"e_1_2_10_15_1","unstructured":"NEUSTAR.Global DDoS Attacks & Cyber Security Insights Report. October;2017."},{"key":"e_1_2_10_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/997150.997156"},{"key":"e_1_2_10_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/LCOMM.2013.031913.130066"},{"key":"e_1_2_10_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.031413.00127"},{"key":"e_1_2_10_19_1","unstructured":"Kaspersky Lab.The Kaspersky Lab Global IT Risk Report. 
Accessed: 2020\u201011\u201027;2017."},{"key":"e_1_2_10_20_1","unstructured":"BalabanD.Are you Ready for These 26 Different Types of DDoS Attacks?.https:\/\/www.securitymagazine.com\/articles\/92327-are-you-ready-for-these-26-different-types-of-ddos-attacks;2020."},{"key":"e_1_2_10_21_1","doi-asserted-by":"crossref","unstructured":"SharafaldinI Habibi\u00a0LashkariA GhorbaniA.Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: ICISSP 2018 \u2010 Proceedings of the 4th International Conference on Information Systems Security and Privacy;2018:108\u2010116.","DOI":"10.5220\/0006639801080116"},{"key":"e_1_2_10_22_1","doi-asserted-by":"publisher","DOI":"10.13052\/jsn2445-9739.2017.009"},{"key":"e_1_2_10_23_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.engappai.2016.02.002"},{"key":"e_1_2_10_24_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2008.09.019"},{"key":"e_1_2_10_25_1","doi-asserted-by":"publisher","DOI":"10.5120\/13715-1478"},{"key":"e_1_2_10_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSMCC.2008.923876"},{"key":"e_1_2_10_27_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2011.07.032"},{"key":"e_1_2_10_28_1","unstructured":"FarniaF.Low\u2010rate false alarm anomaly\u2010based intrusion detection system with one\u2010class SVM.Ph.D. Thesis: Universit\u00e9 De Montr\u00e9al;2017."},{"key":"e_1_2_10_29_1","unstructured":"CannadyJD.Artificial neural networks for misuse detection. In: Proceedings of the 21st National Information Systems Security Conference;1998:368\u2010381."},{"key":"e_1_2_10_30_1","doi-asserted-by":"crossref","unstructured":"M Blowers J Williams 2014 155 175","DOI":"10.1007\/978-1-4614-7597-2_10"},{"key":"e_1_2_10_31_1","doi-asserted-by":"crossref","unstructured":"KruegelC TothT.Using decision trees to improve signature\u2010based intrusion detection. 
In: Recent Advances in Intrusion DetectionVignaG KruegelC JonssonE eds.Springer Berlin Heidelberg;2003;Berlin Heidelberg:173\u2010191.","DOI":"10.1007\/978-3-540-45248-5_10"},{"key":"e_1_2_10_32_1","doi-asserted-by":"crossref","unstructured":"BrahmiH BrahmiI Ben YahiaS.OMC\u2010IDS: At the cross\u2010roads of OLAP mining and intrusion detection. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Vol.\u00a07301 LNAI.Springer Berlin Heidelberg;2012:13\u201024.","DOI":"10.1007\/978-3-642-30220-6_2"},{"key":"e_1_2_10_33_1","doi-asserted-by":"crossref","unstructured":"JemiliF ZaghdoudM AhmedMB.A framework for an adaptive intrusion detection system using Bayesian network. In: 2007 IEEE Intelligence and Security Informatics.IEEE;2007:66\u201070.","DOI":"10.1109\/ISI.2007.379535"},{"key":"e_1_2_10_34_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.knosys.2014.06.018"},{"key":"e_1_2_10_35_1","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/4943509"},{"key":"e_1_2_10_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSP.2006.879308"},{"issue":"5","key":"e_1_2_10_37_1","first-page":"279","article-title":"An adaptive method for source\u2010end detection of pulsing DoS attacks","volume":"7","author":"Yu M","year":"2013","journal-title":"Int J Secur Appl"},{"key":"e_1_2_10_38_1","unstructured":"AgostaJM Diuk\u2010WasserC J.An adaptive anomaly detector for worm detection. 
In: Proceedings of the 2nd USENIX workshop on Tackling computer systems problems with machine learning techniques;2007:1\u20106."},{"key":"e_1_2_10_39_1","first-page":"1","article-title":"Network threat detection based on correlation analysis of multi\u2010platform multi\u2010source alert data","volume":"10","author":"Lu X","year":"2018","journal-title":"Multimed Tools Appl"},{"key":"e_1_2_10_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2007.902685"},{"key":"e_1_2_10_41_1","doi-asserted-by":"publisher","DOI":"10.1007\/s12083-012-0173-3"},{"key":"e_1_2_10_42_1","doi-asserted-by":"crossref","unstructured":"ChitrakarR ChuanheH.Anomaly\u2010based intrusion detection using hybrid learning approach of combining k\u2010medoids clustering and na\u00efve Bayes classification. In: 2012 International Conference on Wireless Communications Networking and Mobile Computing WiCOM 2012.IEEE;2012:1\u20105.","DOI":"10.1109\/WiCOM.2012.6478433"},{"key":"e_1_2_10_43_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2010.10.009"},{"key":"e_1_2_10_44_1","doi-asserted-by":"publisher","DOI":"10.1002\/nem.1923"},{"key":"e_1_2_10_45_1","doi-asserted-by":"crossref","unstructured":"ShavlikJ ShavlikM.Selection combination and evaluation of effective software sensors for detecting abnormal computer usage. In: KDD\u20102004 \u2010 Proceedings of the Tenth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining;2004:276\u2010285.","DOI":"10.1145\/1014052.1014084"},{"key":"e_1_2_10_46_1","doi-asserted-by":"publisher","DOI":"10.1002\/nem.1903"},{"key":"e_1_2_10_47_1","doi-asserted-by":"crossref","unstructured":"Yousefi\u2010AzarM VaradharajanV HameyL TupakulaU.Autoencoder\u2010based feature learning for cyber security applications. 
In: Proceedings of the International Joint Conference on Neural Networks Vol.\u00a02017\u2010May.IEEE;2017:3854\u20103861.","DOI":"10.1109\/IJCNN.2017.7966342"},{"key":"e_1_2_10_48_1","doi-asserted-by":"publisher","DOI":"10.1155\/2017\/4184196"},{"key":"e_1_2_10_49_1","doi-asserted-by":"crossref","unstructured":"JavaidA NiyazQ SunW AlamM.A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI International Conference on Bio\u2010inspired Information and Communications Technologies (formerly BIONETICS);2016.","DOI":"10.4108\/eai.3-12-2015.2262516"},{"key":"e_1_2_10_50_1","doi-asserted-by":"publisher","DOI":"10.3390\/s16101701"},{"key":"e_1_2_10_51_1","doi-asserted-by":"crossref","unstructured":"Wei\u00a0WangXZXY ShengY.Malware traffic classification using convolutional neural network for representation learning. In: International Conference on Information Networking;2017:712\u2010717.","DOI":"10.1109\/ICOIN.2017.7899588"},{"key":"e_1_2_10_52_1","doi-asserted-by":"crossref","unstructured":"TorresP CataniaC GarciaS GarinoCG.An analysis of recurrent neural networks for Botnet detection behavior. In: 2016 IEEE Biennial Congress of Argentina ARGENCON 2016.IEEE;2016:1\u20106.","DOI":"10.1109\/ARGENCON.2016.7585247"},{"key":"e_1_2_10_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2780250"},{"key":"e_1_2_10_54_1","doi-asserted-by":"publisher","DOI":"10.1007\/s12083-017-0586-0"},{"key":"e_1_2_10_55_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2012.05.012"},{"key":"e_1_2_10_56_1","unstructured":"LimkarM RaoBR SagvekarV.Speaker recognition using VQ and DTW. 
In: IJCA Proceedings on International Conference on Advances in Communication and Computing Technologies 2012 Vol.\u00a0ICACACT;2012:18\u201020."},{"key":"e_1_2_10_57_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.patcog.2006.06.007"},{"key":"e_1_2_10_58_1","first-page":"225","article-title":"An efficient and elastic approach for partial shape matching using DTW","author":"Khakse MM","year":"2013","journal-title":"Int J Eng Trends Technol (IJETT)"},{"key":"e_1_2_10_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/TASSP.1978.1163055"},{"key":"e_1_2_10_60_1","doi-asserted-by":"crossref","unstructured":"NanZ ZhaiL ZhaiL LiuH.Botnet homology method based on symbolic approximation algorithm of communication characteristic curve. In: 2018 15th IEEE International Conference on Advanced Video and Signal Based Surveillance (AVSS).IEEE Computer Society;2018:1\u20106.","DOI":"10.1109\/AVSS.2018.8639356"},{"key":"e_1_2_10_61_1","unstructured":"SunH LuiJCS YauDKY.Defending against low\u2010rate TCP attacks: dynamic detection and protection. In: Proceedings of the 12th IEEE International Conference on Network Protocols.IEEE Computer Society;2004;USA:196\u2010205."},{"key":"e_1_2_10_62_1","doi-asserted-by":"crossref","unstructured":"NavalS LaxmiV GuptaN GaurMS RajarajanM.Exploring worm behaviors using DTW. 
In: Proceedings of the 7th International Conference on Security of Information and Networks.Association for Computing Machinery;2014;New York NY USA:379\u2010384.","DOI":"10.1145\/2659651.2659737"},{"key":"e_1_2_10_63_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jesp.2013.03.013"},{"key":"e_1_2_10_64_1","doi-asserted-by":"publisher","DOI":"10.3390\/en11030485"},{"key":"e_1_2_10_65_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3054688"},{"key":"e_1_2_10_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2997939"},{"key":"e_1_2_10_67_1","doi-asserted-by":"crossref","unstructured":"ElsayedMS Le\u2010KhacNA DevS JurcutAD.DDoSNet: A deep\u2010learning model for detecting network attacks. In: 2020 IEEE 21st International Symposium on \u201cA World of Wireless Mobile and Multimedia Networks\u201d (WoWMoM);2020:391\u2010396.","DOI":"10.1109\/WoWMoM49955.2020.00072"},{"key":"e_1_2_10_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2974293"}],"container-title":["International Journal of Network 
Management"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1002\/nem.2159","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/full-xml\/10.1002\/nem.2159","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1002\/nem.2159","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,8,22]],"date-time":"2023-08-22T00:49:01Z","timestamp":1692665341000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1002\/nem.2159"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,4,12]]},"references-count":67,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2021,11]]}},"alternative-id":["10.1002\/nem.2159"],"URL":"https:\/\/doi.org\/10.1002\/nem.2159","archive":["Portico"],"relation":{},"ISSN":["1055-7148","1099-1190"],"issn-type":[{"value":"1055-7148","type":"print"},{"value":"1099-1190","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,4,12]]},"assertion":[{"value":"2021-02-24","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-03-14","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-04-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}