| Presentation | 2009-11-25 An analysis of IDS alerts to grasp attack situation in an third party's network Kensuke NAKATA, Hiroki TAKAKURA, Yasuo OKABE, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | To fight against emerging cyber attacks on Internet, various types of security solutions have been proposed. As one typical example, many organizations deploy Intrusion Detection Systems (IDS). Purpose of deployment of IDS is basically to protect each organization's networks. On the other hand, we frequently receive backscatter packets which are side effects of flood attack to a third-party organization. By investigating header information of the packets, we can estimate the magnitude of the attack. In this presentation, we will discuss a method to extract such information by analyzing IDS's alerts. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Intrusion Detection System / Signature-based detection / DDoS attack / DDoS attack estimation / Backscatter |
| Paper # | IA2009-62 |
| Date of Issue |
| Conference Information | |
| Committee | IA |
|---|---|
| Conference Date | 2009/11/18(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Internet Architecture(IA) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | An analysis of IDS alerts to grasp attack situation in an third party's network |
| Sub Title (in English) | |
| Keyword(1) | Intrusion Detection System |
| Keyword(2) | Signature-based detection |
| Keyword(3) | DDoS attack |
| Keyword(4) | DDoS attack estimation |
| Keyword(5) | Backscatter |
| 1st Author's Name | Kensuke NAKATA |
| 1st Author's Affiliation | Graduate School of Informatics, Kyoto University() |
| 2nd Author's Name | Hiroki TAKAKURA |
| 2nd Author's Affiliation | Academic Center for Computing and Media Studies, Kyoto University |
| 3rd Author's Name | Yasuo OKABE |
| 3rd Author's Affiliation | Academic Center for Computing and Media Studies, Kyoto University |
| Date | 2009-11-25 |
| Paper # | IA2009-62 |
| Volume (vol) | vol.109 |
| Number (no) | 299 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |