Advertisement

Remediating Anomalous Traffic Behaviour in Future Networked Environments

  • Angelos K. Marnerides
  • Matthew Jakeman
  • David Hutchison
  • Dimitrios P. Pezaros
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 63)

Abstract

The diverse characteristics of network anomalies, and the specific recovery approaches that can subsequently be employed to remediate their effects, have generally led to defence mechanisms tuned to respond to specific abnormalities; and they are often suboptimal for providing an overall resilience framework. Emerging future network environments are likely to require always-on, adaptive, and generic mechanisms that can integrate with the core networking infrastructure and provide for a range of self-* capabilities, ranging from self-protection to self-tuning. In this paper we present the design and implementation of an adaptive remediation component built on top of an autonomic network node architecture. A set of pluggable modules that employ diverse algorithms, together with explicit cross-layer interaction, has been engineered to mitigate different classes of anomalous traffic behaviour in response to both legitimate and malicious external stimuli. In collaboration with an always-on measurement-based anomaly detection component, our prototype facilitates the properties of self-optimisation and self-healing.

Keywords

Future and autonomic networks resilience remediation 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Asosheh, A., Ramezani, N.: A Comprehensive Taxonomy of DDoS Attacks and Defence Mechanism Applying in a Smart Classification. WSEAS Transactions on Computers 7(7), 281–290 (2008)Google Scholar
  2. 2.
    Autonomic Network Architecture (ANA) Project details, http://www.ana-project.org
  3. 3.
    Barabasi, A., Albert, L.: Emergence of scaling in random networks. Science, 509–512 (October 1999)Google Scholar
  4. 4.
    Boston University Representative Internet Topology Generator (BRITE), http://www.cs.bu.edu/brite
  5. 5.
    Bu, T., Towsley, D.: On distinguishing between Internet power law topology generators. In: IEEE INFOCOM 2002, New York, USA, June 23-27 (2002)Google Scholar
  6. 6.
    De Figueiredo, L.H., Ierusalimschy, R., Celes, W.: LUA: An Extensible Embedded Language. Journal of Software Tools 21(12) (1996); National Center for Biotechnology, Information, http://www.ncbi.nlm.nih.gov
  7. 7.
    Floyd, S., Jacobson, V.: Random Early Detection gateways for Congestion Avoidance. IEEE/ACM Transactions in Networking 1, 397–413 (1993)CrossRefGoogle Scholar
  8. 8.
    Hutchison, D., Sterbenz, J.P.G., Jabbar, A., Sholler, M.: D3.2: Resilience/Security Framework, Deliverable D3.2 ANA (December 2006)Google Scholar
  9. 9.
    Marnerides, A.K., Pezaros, D.P., Hutchison, D.: Detection and Mitigation of Abnormal Traffic Behaviour in Autonomic Networked Environments. In: 4th ACM SIGCOMM CoNEXT Student Workshop, Madrid, Spain, December 9-12 (2008)Google Scholar
  10. 10.
    Marnerides, A.K., Pezaros, D.P., Hutchison, D.: Autonomic Diagnosis of Anomalous Network Traffic. In: 4th IEEE WoWMoM Workshop on Autonomic and Opportunistic Communications (AOC 2010), Montreal, Canada, June 14-17 (2010)Google Scholar
  11. 11.
    Pezaros, D.P.: Cross-Layer Optimisation of Network Response at the Onset of Bursty Requests. In: Proceedings of Multi-Service Networks (MSN 2006), Cosener’s House, Abingdon, UK, July 13-14 (2006)Google Scholar
  12. 12.
    Pezaros, D., P., Marnerides A., K., Hutchison D.: 2008 D3.10: Measurement-based Resilience Mechanisms, Deliverable D3.10 ANA (December 2008) Google Scholar
  13. 13.
    Pezaros, D.P., Mathy, L.: Explicit Application-Network Cross-layer Optimisation. In: 4th International Telecommunication NEtworking WorkShop (IT-NEWS) on QoS in Multiservice IP Networks (QoS-IP 2008), Venice, Italy, February 13-15 (2008)Google Scholar
  14. 14.
    Sifalakis, M., Louca, A., Peluso, L., Mauthe, A., Zseby, T.: A Functional Composition Framework for Autonomic Network Architectures. In: Proceedings of 2nd IEEE International Workshop on Autonomic Communications and Network Management (IEEE NOMS/ACNM 2008), Salvador, Bahia, Brazil, April 7-11 (2008)Google Scholar
  15. 15.
    The Network Simulator 2 (NS2), http://www.isi.edu/nsnam/ns/

Copyright information

© ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering 2011

Authors and Affiliations

  • Angelos K. Marnerides
    • 1
  • Matthew Jakeman
    • 1
  • David Hutchison
    • 1
  • Dimitrios P. Pezaros
    • 2
  1. 1.Infolab21, Computing DepartmentLancaster UniversityLancasterUK
  2. 2.Department of Computing ScienceUniversity of GlasgowGlasgowUK

Personalised recommendations