By Topic

A novel data streaming method detecting superpoints

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Weijiang Liu ; School of Electronic and Information Engineering, Dalian University of Technology, China ; Wenyu Qu ; Gong Jian ; Li Keqiu

Internet attacks such as distributed denial-of-service (DDoS) attacks and worm attacks are increasing in severity. Identifying realtime attack and mitigation of Internet traffic is an important and challenging problem for network administrators. A compromised host doing fast scanning for worm propagation can make a very high number of connections to distinct destinations within a short time. We call such a host a superpoint, which is the source that connect to a large number of distinct destinations. Detecting superpoints can be utilized for traffic engineering and anomaly detection. We propose a novel data streaming method for detecting superpoints and prove guarantees on their accuracy and memory requirements. The core of this method is a novel data structure called Vector Bloom Filter (VBF). A VBF is a variant of standard Bloom Filter (BF). The VBF consists of 6 hash functions, 4 hash functions of which projectively select some consecutive bits from original strings as function values. We obtain the information of superpoints using the overlapping of hash bit strings of the VBF. The theoretical analysis and experiment results show that our schemes can precisely and efficiently detect superpoints.

Published in:

Computer Communications Workshops (INFOCOM WKSHPS), 2011 IEEE Conference on

Date of Conference:

10-15 April 2011