IEEE Transactions on Computers (TC) has moved to the OnlinePlus publication model starting with 2013 issues!

From the January 2015 issue

Fool Me If You Can: Mimicking Attacks and Anti-Attacks in Cyberspace

By Shui Yu, Song Guo, and Ivan Stojmenovic

Featured article thumbnail imageBotnets have become major engines for malicious activities in cyberspace nowadays. To sustain their botnets and disguise their malicious actions, botnet owners are mimicking legitimate cyber behavior to fly under the radar. This poses a critical challenge in anomaly detection. In this paper, we use web browsing on popular web sites as an example to tackle this problem. First of all, we establish a semi-Markov model for browsing behavior. Based on this model, we find that it is impossible to detect mimicking attacks based on statistics if the number of active bots of the attacking botnet is sufficiently large (no less than the number of active legitimate users). However, we also find it is hard for botnet owners to satisfy the condition to carry out a mimicking attack most of the time. With this new finding, we conclude that mimicking attacks can be discriminated from genuine flash crowds using second order statistical metrics. We define a new fine correntropy metrics and show its effectiveness compared to others. Our real world data set experiments and simulations confirm our theoretical claims. Furthermore, the findings can be widely applied to similar situations in other research fields.

download PDF View the PDF of this article      csdl View this issue in the digital library


Editorials and Announcements

Announcements

New Essential Set

Editorials

Guest Editorials

Call-for-Papers

 

Reviewers List

Annual Index


Access Recently Published TC Articles

RSS Subscribe to the RSS feed of latest TC content added to the digital library

Mail Sign up for the Transactions Connection newsletter.


Importance of Coherence Protocols with Network Applications on Multi-Core Processors

 

Automated Generation of Performance and Dependability Models for the Assessment of Wireless Sensor Networks

 

IEEE Transactions on Computers (TC) is a monthly publication that publishes research in such areas as computer organizations and architectures, digital devices, operating systems, and new and important applications and trends. 
Read the full scope of TC