Detection and identification of neptune attacks and flash crowds

Quyen Le The, Marat Zhanikeev, Yoshiaki Tanaka

    Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

    Abstract

    Neptune attack and Flash Crowd are two typical threats to web servers. These two anomalies have many identical features that make them difficult to distinguish. In this paper, we propose a statistical packet-based method to detect Neptune attacks and Flash Crowds and more importantly, by performing separate analysis by source address aggregation, we also propose additional efficient means to differentiate these two similar anomalies.

    Original language: English
    Title of host publication: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    Pages: 571-574
    Number of pages: 4
    Volume: 4773 LNCS
    Publication status: Published - 2007
    Event: 10th Asia-Pacific Network Operations and Management Symposium, APNOMS 2007 - Sapporo
    Duration: 2007 Oct 10 to 2007 Oct 12

    Publication series

    Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    Volume: 4773 LNCS
    ISSN (Print): 03029743
    ISSN (Electronic): 16113349

    Other

    Other: 10th Asia-Pacific Network Operations and Management Symposium, APNOMS 2007
    City: Sapporo
    Period: 07/10/10 to 07/10/12

    Fingerprint

    Flash
    Anomaly
    Servers
    Agglomeration
    Attack
    Web Server
    Differentiate
    Aggregation

    ASJC Scopus subject areas

    • Computer Science(all)
    • Biochemistry, Genetics and Molecular Biology(all)
    • Theoretical Computer Science

    Cite this

    The, Q. L., Zhanikeev, M., & Tanaka, Y. (2007). Detection and identification of neptune attacks and flash crowds. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4773 LNCS, pp. 571-574). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4773 LNCS).

    @inproceedings{ce648ce4602e43518efc4efb1c73b823,
    title = "Detection and identification of neptune attacks and flash crowds",
    abstract = "Neptune attack and Flash Crowd are two typical threats to web servers. These two anomalies have many identical features that make them difficult to distinguish. In this paper, we propose a statistical packet-based method to detect Neptune attacks and Flash Crowds and more importantly, by performing separate analysis by source address aggregation, we also propose additional efficient means to differentiate these two similar anomalies.",
    author = "The, {Quyen Le} and Marat Zhanikeev and Yoshiaki Tanaka",
    year = "2007",
    language = "English",
    isbn = "9783540754756",
    volume = "4773 LNCS",
    series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
    pages = "571--574",
    booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

    }

    TY - GEN

    T1 - Detection and identification of neptune attacks and flash crowds

    AU - The, Quyen Le

    AU - Zhanikeev, Marat

    AU - Tanaka, Yoshiaki

    PY - 2007

    Y1 - 2007

    UR - http://www.scopus.com/inward/record.url?scp=38149023388&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=38149023388&partnerID=8YFLogxK

    M3 - Conference contribution

    AN - SCOPUS:38149023388

    SN - 9783540754756

    VL - 4773 LNCS

    T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

    SP - 571

    EP - 574

    BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

    ER -