izvorni znanstveni rad
Distributed Denial of Service attacks present a serious threat to Internet security. There is a great effort in research that focuses on the detection of the DoS attack. The most common DoS attack detection method rely on the number of the TCP control packet in the network flow. The Bloom filter represents a space-efficient data structure that is commonly used to detect matching pairs. There are multiple algorithms for the DoS attack detection based on the Bloom filter. The SACK2 algorithm uses the SYN/ACK - ACK matching pair detection with the Bloom filter data structure. The false positive error introduced by the Bloom filter influences on the matching pair detection in the algorithm. The improved SACK2 algorithm significantly reduces the false positive error by replacing the Counting Bloom Filter (CBF) data structure with the Dual Counting Bloom Filter (DCBF) data structure. This improvement significantly improves the matching pair detection. It is expected that the false positive error should influence on the detection of the DoS attack. In this paper, the experimental study is performed to analyse this influence. This study confirms the correlation between the false positive error and the DoS attack detection.
DoS, Bloom filter, DCBF, False positive error
Razvojem virtualizacijskih tehnologija raste kompleksnost IT sustava, dok korisnici istovremeno zahtijevaju brži pristup resursima, napredne integracije i jednostavnost korištenja. Jedno od ključnih rješenja za ove izazove primjena je…
Ovaj rad istražuje i uspoređuje mogućnosti prosljeđivanja grafičkih kartica na Hyper-V i KVM hipervizorima prema virtualnim strojevima, detaljno opisujući metode, postupke i razlike u arhitekturi koje utječu na…
The ever-growing usage and adaptation of HTTP/3 in web traffic leverages Quick UDP Internet Connections (QUIC) as a transport protocol. QUIC is widely recognized for reduced latency, enhanced…