By Topic

SPADE: Statistical Packet Acceptance Defense Engine

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Tzur-David, S. ; Hebrew Univ. Of Jerusalem, Jerusalem, Israel ; Avissar, H. ; Dolev, D. ; Anker, T.

A security engine should detect network traffic attacks at line-speed. "Learning" capabilities can help detecting new and unknown threats even before a vulnerability is exploited. The principal way for achieving this goal is to model anticipated network traffic behavior, and to use this model for identifying anomalies. This paper focuses on denial of service (DoS) attacks and distributed DoS (DDoS). Our goal is detecting and preventing of attacks. The main challenges include minimizing the false-positive rate and the memory consumption. SPADE: a Statistical Packet Acceptance Defense Engine is presented. SPADE is an accurate engine that uses an hierarchical adaptive structure to detect suspicious traffic using a relatively small memory footprint, therefore can be easily applied on hardware. SPADE is based on the assumption that during DoS/DDoS attacks, a significant portion of the traffic that is seen belongs to the attack, therefore, SPADE applies a statistical mechanism to primarily filter the attack's traffic.

Published in:

High Performance Switching and Routing (HPSR), 2010 International Conference on

Date of Conference:

13-16 June 2010