Effective detection of various kinds of cyberattacks using histogram database technology
Project/Area Number |
25330131
|
Research Category |
Grant-in-Aid for Scientific Research (C)
|
Allocation Type | Multi-year Fund |
Section | General |
Research Field |
Multimedia database
|
Research Institution | Kyushu University |
Principal Investigator |
Feng Yaokai, Kyushu University, Graduate School (Faculty) of Information Science and Electrical Engineering, Assistant Professor (60363389)
|
Project Period (FY) |
2013-04-01 – 2016-03-31
|
Project Status |
Completed (Fiscal Year 2015)
|
Budget Amount |
¥4,810,000 (Direct Cost: ¥3,700,000, Indirect Cost: ¥1,110,000)
Fiscal Year 2015: ¥1,170,000 (Direct Cost: ¥900,000, Indirect Cost: ¥270,000)
Fiscal Year 2014: ¥1,170,000 (Direct Cost: ¥900,000, Indirect Cost: ¥270,000)
Fiscal Year 2013: ¥2,470,000 (Direct Cost: ¥1,900,000, Indirect Cost: ¥570,000)
|
Keywords | Distributed attacks / Behavior-based anomaly detection / Cybersecurity / Port scan attacks / DRDoS attacks / DNS amp attacks / DDoS attacks / C&C communication / Port scan / Behavior mode / behavior-based detection / Frequency distribution / Learning algorithm / Cyber attacks / Distributed attacks / Port scan attacks / Behavior-based detection / Evaluation function |
Outline of Final Research Achievements |
1) For detecting many kinds of cyberattacks, features and machine learning algorithms were tested and their detection performance was verified, specifically for DRDoS attacks, DNS amp attacks, and the signs of DDoS attacks. 2) The histogram construction method was investigated through further detailed analysis of the behavior of the collected cyberattacks, and its performance was also demonstrated. 3) A method for dynamically and rapidly constructing histograms in real time from large, multidimensional packet datasets was investigated. To achieve an effective and rapid anomaly detection system, a moving histogram must be constructed dynamically at high speed. We developed a method to construct histograms incrementally.
|
Report
(4 results)
Research Products
(15 results)