On localization attacks to internet threat monitors: An information-theoretic framework

Wei Yu, Nan Zhang, Xinwen Fu, Riccardo Bettati, Wei Zhao

Research output: Contribution to conferencePaperpeer-review

2 Scopus citations

Abstract

Internet Threat Monitoring (ITM) systems are a widely deployed facility to detect, analyze, and characterize dangerous Internet threats such as worms and distributed denial-of-service (DDoS) attacks. Nonetheless, an ITM system can also become the target of attack. In this paper, we address localization attacks against ITM systems in which an attacker impairs the effectiveness of ITM systems by identifying the locations of ITM monitors. We propose an information-theoretic framework for the modeling of localization attacks as communication channels. Based on the information-theoretic model, we generalize all existing attacks as "temporal attacks", derive closed formulae of their performance, and propose an effective detection approach. The information-theoretic model also inspires a new attack called a spatial attack and motivates the corresponding detection approach. We show simulation results that support our theoretic findings.

Original languageEnglish (US)
Pages356-365
Number of pages10
DOIs
StatePublished - 2008
Event2008 International Conference on Dependable Systems and Networks, DSN-2008 - Anchorage, AK, United States
Duration: Jun 24 2008Jun 27 2008

Other

Other2008 International Conference on Dependable Systems and Networks, DSN-2008
Country/TerritoryUnited States
CityAnchorage, AK
Period6/24/086/27/08

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'On localization attacks to internet threat monitors: An information-theoretic framework'. Together they form a unique fingerprint.

Cite this