A Symptom based Taxonomy for Network Security


The KIPS Transactions:PartC, Vol. 13, No. 4, pp. 405-414, Aug. 2006
10.3745/KIPSTC.2006.13.4.405,   PDF Download:

Abstract

We present a symptom-based taxonomy for network security. This taxonomy classifies attacks in the network using early symptoms of the attacks. Since we use the symptom it is relatively easy to access the information to classify the attack. Furthermore we are able to classify the unknown attack because the symptoms of unknown attacks are correlated with the one of known attacks. The taxonomy classifies the attack in two stages. In the first stage, the taxonomy identifies the attack in a single connection and then, combines the single connections into the aggregated connections to check if the attacks among single connections may create the distribute attack over the aggregated connections. Hence, it is possible to attain the high accuracy in identifying such complex attacks as DDoS, Worm and Bot. We demonstrate the classification of the three major attacks in Internet using the proposed taxonomy.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
K. Y. Kim, H. K. Choi, D. H. Choi, B. H. Lee, Y. S. Choi, H. C. Bang, J. C. Na, "A Symptom based Taxonomy for Network Security," The KIPS Transactions:PartC, vol. 13, no. 4, pp. 405-414, 2006. DOI: 10.3745/KIPSTC.2006.13.4.405.

[ACM Style]
Ki Yoon Kim, Hyoung Kee Choi, Dong Hyun Choi, Byoung Hee Lee, Yoon Sung Choi, Hyo Chan Bang, and Jung Chan Na. 2006. A Symptom based Taxonomy for Network Security. The KIPS Transactions:PartC, 13, 4, (2006), 405-414. DOI: 10.3745/KIPSTC.2006.13.4.405.