Intrusion Tolerance of Stealth DoS Attacks to Web Services

Abstract : This paper focuses on one of the most harmful categories of Denial of Service attacks, commonly known in the literature as “stealth” attacks. They are performed avoiding to send significant volumes of data, by injecting into the network a low-rate flow of packets in order to evade rate-controlling detection mechanisms. This work presents an intrusion tolerance solution, which aims at providing minimal level of services, even when the system has been partially compromised by such attacks. It describes all protection phases, from monitoring to diagnosis and recovery. Preliminary experimental results show that the proposed approach results in a better performance of Intrusion Prevention Systems, in terms of reducing service unavailability during stealth attacks.
Type de document :
Communication dans un congrès
Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.579-584, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_52〉
Liste complète des métadonnées

Littérature citée [11 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01518217
Contributeur : Hal Ifip <>
Soumis le : jeudi 4 mai 2017 - 13:45:16
Dernière modification le : jeudi 4 mai 2017 - 14:53:56
Document(s) archivé(s) le : samedi 5 août 2017 - 13:06:35

Fichier

978-3-642-30436-1_52_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Massimo Ficco, Massimiliano Rak. Intrusion Tolerance of Stealth DoS Attacks to Web Services. Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.579-584, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_52〉. 〈hal-01518217〉

Partager

Métriques

Consultations de la notice

61

Téléchargements de fichiers

33