Network security has become increasingly important to personal users and organizations. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks are a serious problem in networks. The major challenges in designing an efficient data stream algorithm are one pass over the input, poly-log space, poly-log update time and poly-log reporting time. In this paper, we use a strongly explicit construction of d-disjunct matrices in Non-Adaptive Group Testing (NAGT) to meet these requirements and propose a solution for fast detection of DoS and DDoS attacks based on the NAGT approach.
In this paper, we propose a solution to quickly detect and limit Hot-IPs using the Non-Adaptive Group Testing method and dynamic firewall rules. Hot-IPs are hosts that appear with high frequency in the network. They can be threats such as denial-of-service attacks or Internet worms. Therefore, quickly detecting and limiting Hot-IPs is very important for decreasing these risks. The Non-Adaptive Group Testing method is used to detect Hot-IPs quickly. We also implement a parallel processing algorithm with PVM to reduce the decoding time. In addition, we use dynamic firewall rules to increase flexibility and security. This approach helps to decrease rule lookup time and improve firewall processing performance.
Network monitoring is an important task for network administrators, who need to monitor the operating state of network devices, servers, network services, and network traffic. This task is often solved by setting up a monitoring server and deploying agents on the monitored objects. This paper presents a solution to monitor Hot-IPs in high-speed networks at the ISP side. It does not need to specify which objects should be monitored, and it does not need to establish connections between the network monitoring system and the monitored servers or set up agents on these servers. This solution can be applied in ISP networks to reduce some risks on the Internet and to alert customers early. In the proposed solution, Hot-IPs are detected quickly using Non-Adaptive Group Testing and then transferred to monitor mode. In this mode, Hot-IPs are monitored to determine what is a risk and what is not.
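The Hot-IP detection by non-adaptive group testing that these abstracts describe can be sketched as follows; this is an added example, not code from the papers. It assumes a Reed-Solomon/identity (Kautz-Singleton) d-disjunct matrix, a "hot" threshold of total/(d+1), and naive decoding over a supplied candidate list, none of which the abstracts specify. Heavy sources are never missed, but non-hot addresses can be reported if unrelated traffic pushes all of their counters over the threshold.

```python
import ipaddress

Q, K = 257, 4            # assumed parameters: prime field size, polynomial length; 257**4 > 2**32
D = (Q - 1) // (K - 1)   # columns agree in <= K-1 rows, so the matrix is 85-disjunct

def rows_for(ip):
    """Rows (tests) containing `ip`: one per evaluation point x, at (x, f_ip(x))."""
    n = int(ipaddress.IPv4Address(ip))
    coeffs = [(n // Q**i) % Q for i in range(K)]   # base-Q digits of the address
    rows = []
    for x in range(Q):
        y = 0
        for c in reversed(coeffs):                 # Horner evaluation mod Q
            y = (y * x + c) % Q
        rows.append(x * Q + y)
    return rows

class HotIPSketch:
    """One counter per test: Q*Q = 66049 counters regardless of stream length."""
    def __init__(self):
        self.counters = [0] * (Q * Q)
        self.total = 0

    def update(self, ip):                          # one pass, Q counter updates per packet
        self.total += 1
        for r in rows_for(ip):
            self.counters[r] += 1

    def decode(self, candidates):
        # A test is positive when its counter exceeds total/(D+1). An address is
        # reported only if every test containing it is positive (naive decoding).
        threshold = self.total / (D + 1)
        return [ip for ip in candidates
                if all(self.counters[r] > threshold for r in rows_for(ip))]

def demo():
    # Constructed traffic: 1000 background hosts (1 packet each) and 2 heavy sources.
    background = [str(ipaddress.IPv4Address("10.0.0.0") + i) for i in range(1000)]
    heavy = ["203.0.113.7", "198.51.100.23"]
    sketch = HotIPSketch()
    for ip in background + heavy * 300:
        sketch.update(ip)
    return sorted(sketch.decode(background + heavy))

if __name__ == "__main__":
    print(demo())
```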