MIL-RoQ: Monitoring, Identifying and Locating the RoQ Attack in Backbone Network

doi:10.7544/issn1000-1239.2015.20148347

Abstract

Abstract: Reduction of quality (RoQ) attack is an atypical denial of service (DoS) attack, which exploits the vulnerability of TCP’s adaptive behavior that can seriously reduce or inhibit the throughput of TCP flows. While most of the defensive methods are studied on the single network access link (router), the RoQ attack can not only launch on the single network link, but also attack towards several links or even entire network, which causes more severe consequences. In order to obtain a global perspective from the network and identify the attack, in this paper we propose a traffic anomaly analysis method to monitor, identify and locate the RoQ attack in backbone network on the basis of principal component analysis (PCA) and spectrum analysis techniques. Experimental results demonstrate that our method can analyze and find anomalies in the traffic from several downstream links in backbone network, and also locate and identify the RoQ attacks accurately. Meanwhile, our method can significantly reduce the computation and complexity as it only needs to analyze local traffic data about anomalous links.

Key words: network security, anomaly detection, reduction of quality (RoQ) attack, principal component analysis (PCA), spectrum analysis

CLC Number:

TP309

Wen Kun,Yang Jiahai,Cheng Fengjuan,Yin Hui, Wang Jianfeng. MIL-RoQ: Monitoring, Identifying and Locating the RoQ Attack in Backbone Network[J]. Journal of Computer Research and Development, 2015, 52(4): 813-822.

	Articles by Authors
	Wen Kun
	Yang Jiahai
	Cheng Fengjuan
	Yin Hui
	Wang Jianfeng

[1]	Zhou Hang, Zhan Yongzhao, Mao Qirong. Video Anomaly Detection Based on Space-Time Fusion Graph Network Learning [J]. Journal of Computer Research and Development, 2021, 58(1): 48-59.
[2]	Li Xuebing, Chen Yang, Zhou Mengying, Wang Xin. Internet Data Transfer Protocol QUIC: A Survey [J]. Journal of Computer Research and Development, 2020, 57(9): 1864-1876.
[3]	Zhang Shenglin, Li Dongwen, Sun Yongqian, Meng Weibin, Zhang Yuzhe, Zhang Yuzhi, Liu Ying, Pei Dan. Unified Anomaly Detection for Syntactically Diverse Logs in Cloud Datacenter [J]. Journal of Computer Research and Development, 2020, 57(4): 778-790.
[4]	Zhang Long, Wang Jinsong. DDoS Attack Detection Model Based on Information Entropy and DNN in SDN [J]. Journal of Computer Research and Development, 2019, 56(5): 909-918.
[5]	Deng Li, Wu Weinan, Zhu Zhengyi, Chen Ming. DiffSec: A Differentiated Intelligent Network Security Service Model [J]. Journal of Computer Research and Development, 2019, 56(5): 955-966.
[6]	Xi Liang, Wang Yong, Zhang Fengbin. Anomaly Detection Algorithm Based on FCM with Adaptive Artificial Fish-Swarm [J]. Journal of Computer Research and Development, 2019, 56(5): 1048-1059.
[7]	Ren Jiadong, Liu Xinqian, Wang Qian, He Haitao, Zhao Xiaolin. An Multi-Level Intrusion Detection Method Based on KNN Outlier Detection and Random Forests [J]. Journal of Computer Research and Development, 2019, 56(3): 566-575.
[8]	Chen Xingshu, Chen Jiaxin, Jin Xin, Ge Long. Process Abnormal Detection Based on System Call Vector Space in Cloud Computing Environments [J]. Journal of Computer Research and Development, 2019, 56(12): 2684-2693.
[9]	Han Dongming,Guo Fangzhou,Pan Jiacheng,Zheng Wenting,Chen Wei. Visual Analysis for Anomaly Detection in Time-Series: A Survey [J]. Journal of Computer Research and Development, 2018, 55(9): 1843-1852.
[10]	Ni Mingtao, Zhao Bo, Wu Fusheng, Fan Peiru. CREBAD: Chip Radio Emission Based Anomaly Detection Scheme of IoT Devices [J]. Journal of Computer Research and Development, 2018, 55(7): 1451-1461.
[11]	Zhang Yuqing, Dong Ying, Liu Caiyun, Lei Kenan, Sun Hongyu. Situation, Trends and Prospects of Deep Learning Applied to Cyberspace Security [J]. Journal of Computer Research and Development, 2018, 55(6): 1117-1142.
[12]	Yang An, Hu Yan, Zhou Liang, Zheng Weimin, Shi Zhiqiang, Sun Limin. An Industrial Control System Anomaly Detection Algorithm Fusion by Information Flow and State Flow [J]. Journal of Computer Research and Development, 2018, 55(11): 2532-2542.
[13]	Zheng Zheng, Xu Mingwei, Li Qi, Zhang Yun. Defending Against SDN Network Topology Poisoning Attacks [J]. Journal of Computer Research and Development, 2018, 55(1): 207-215.
[14]	Fu Zhiyao, Gao Ling, Sun Qian, Li Yang, Gao Ni. Evaluation of Vulnerability Severity Based on Rough Sets and Attributes Reduction [J]. Journal of Computer Research and Development, 2016, 53(5): 1009-1017.
[15]	Wang Yichuan, Ma Jianfeng, Lu Di,Zhang Liumei,Meng Xianjia. Game Optimization for Internal DDoS Attack Detection in Cloud Computing [J]. Journal of Computer Research and Development, 2015, 52(8): 1873-1882.

MIL-RoQ: Monitoring, Identifying and Locating the RoQ Attack in Backbone Network

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments