Fuzdetect: a system for detecting and classifying denial-of-service attacks
Year of defense: | 2019 |
---|---|
Main author: | |
Advisor: | |
Defense committee: | |
Document type: | Dissertation |
Access type: | Open access |
Language: | por |
Defending institution: | Universidade Federal da Paraíba, Brazil, Informatics, Programa de Pós-Graduação em Informática, UFPB |
Graduate program: | Not provided by the institution |
Department: | Not provided by the institution |
Country: | Not provided by the institution |
Keywords in Portuguese: | |
Access link: | https://repositorio.ufpb.br/jspui/handle/123456789/16606 |
Abstract: | With the increase in the number of devices connected to the Internet, the speed and dynamism in the exchange of information became more relevant, along with greater interactivity between the communicating parties. Although this increase has brought immediate convergence in the exchange of information, one of the biggest side effects of this new Internet model, known as the Internet of Things, is the increasing ease of intrusion into these devices, since in most cases they lack essential security mechanisms in their implementation. This leads to a disproportionate growth in the magnitude of existing attacks, such as Distributed Denial of Service attacks. Denial of Service attacks vary in nature, but they all have a final goal: to prevent the target from receiving new requests while, at the same time, resembling legitimate traffic. Faced with these challenges, this work proposes the FuzDetect solution, a system that not only alerts when an attack is happening but also classifies it. The FuzDetect system collects data from a Software Defined Network through a lightweight method, without inspecting packets as traditional methods do. Then, all collected metadata is saved in a database to make it persistent. In the final step, a classification system, implemented with fuzzy logic, analyzes the latest collected metadata and classifies each item as an attack subtype or as legitimate traffic. The system is able to adapt itself to any network dynamically, with the support of Particle Swarm Optimization. The results were extracted from tests in networks with different topologies and traffic configurations. They were also generated with and without the use of Particle Swarm Optimization, thus demonstrating the efficiency of the proposal. When using Particle Swarm Optimization, the traffic, later classified, presented the correct approximate output in all cases. |