1-2hit |
Sanghun CHOI Yichen AN Iwao SASASE
The flooding DDoS attack is a serious problem these days. In order to detect the flooding DDoS attack, the survival approaches and the mitigation approaches have been investigated. Since the survival approach occurs the burden on the victims, the mitigation approach is mainly studied. As for the mitigation approaches, to detect the flooding DDoS attack, the conventional schemes using the bloom filter, machine learning, and pattern analyzation have been investigated. However, those schemes are not effective to ensure the high accuracy (ACC), the high true positive rate (TPR), and the low false positive rate (FPR). In addition, the data size and calculation time are high. Moreover, the performance is not effective from the fluctuant attack packet per second (pps). In order to effectively detect the flooding DDoS attack, we propose the lightweight detection using bloom filter against flooding DDoS attack. To detect the flooding DDoS attack and ensure the high accuracy, the high true positive rate, and the low false positive rate, the dec-all (decrement-all) operation and the checkpoint are flexibly changed from the fluctuant pps in the bloom filter. Since we only consider the IP address, all kinds of flooding attacks can be detected without the blacklist and whitelist. Moreover, there is no complexity to recognize the attack. By the computer simulation with the datasets, we show our scheme achieves an accuracy of 97.5%. True positive rate and false positive rate show 97.8% and 6.3%, respectively. The data size for processing is much small as 280bytes. Furthermore, our scheme can detect the flooding DDoS attack at once in 11.1sec calculation time.
Sanghun CHOI Shuichiro HARUTA Yichen AN Iwao SASASE
Since the owner's data might be leaked from the centralized server storage, the distributed storage schemes with the server storage have been investigated. To ensure the owner's data in those schemes, they use Reed Solomon code. However, those schemes occur the burden of data capacity since the parity data are increased by how much the disconnected data can be restored. Moreover, the calculation time for the restoration will be higher since many parity data are needed to restore the disconnected data. In order to reduce the burden of data capacity and the calculation time, we proposed the server-based distributed storage using Secret Sharing with AES-256 for lightweight safety restoration. Although we use Secret Sharing, the owner's data will be safely kept in the distributed storage since all of the divided data are divided into two pieces with the AES-256 and stored in the peer storage and the server storage. Even though the server storage keeps the divided data, the server and the peer storages might know the pair of divided data via Secret Sharing, the owner's data are secure in the proposed scheme from the inner attack of Secret Sharing. Furthermore, the owner's data can be restored by a few parity data. The evaluations show that our proposed scheme is improved for lightweight, stability, and safety.