To reduce the potential signaling traffic in IP multimedia subsystem (IMS), the session establishment procedures were investigated. The serving call session eontrol function (S-CSCF) is the major bottleneck in IMS...To reduce the potential signaling traffic in IP multimedia subsystem (IMS), the session establishment procedures were investigated. The serving call session eontrol function (S-CSCF) is the major bottleneck in IMS and the existing 3GPP service triggering algorithm (STA) based on initial filter eriteria (iFC) increases the end-to-end session setup delay remarkably. To reduce the session setup delay and improve the system performanee, a SIP response message based filter criteria (rFC) was proposed. Based on the rFC, a SIP response message based STA (RSTA) was further proposed. The modeling and theoretical analysis of 3GPP STA and RSTA were presented. Simulation results show that, compared with 3GPP STA, the RSTA can avoid the additional signaling traffie load of the S-CSCF and application server (AS) effectively, reduce the session setup delay eonsiderably, increase the throughput of the S-CSCF and improve the quality of service (QoS) of IMS network.展开更多
HTTP-flooding attack disables the victimized web server by sending a large number of HTTP Get requests.Recent research tends to detect HTTP-flooding with the anomaly-based approaches,which detect the HTTP-flooding by ...HTTP-flooding attack disables the victimized web server by sending a large number of HTTP Get requests.Recent research tends to detect HTTP-flooding with the anomaly-based approaches,which detect the HTTP-flooding by modeling the behavior of normal web surfers.However,most of the existing anomaly-based detection approaches usually cannot filter the web-crawling traces from unknown searching bots mixed in normal web browsing logs.These web-crawling traces can bias the base-line profile of anomaly-based schemes in their training phase,and further degrade their detection performance.This paper proposes a novel web-crawling tracestolerated method to build baseline profile,and designs a new anomaly-based HTTP-flooding detection scheme(abbr.HTTP-sCAN).The simulation results show that HTTP-sCAN is immune to the interferences of unknown webcrawling traces,and can detect all HTTPflooding attacks.展开更多
基金Supported by National Science Fund for Distinguished Young Scholars (No. 60525110)National Basic Research Program of China (No.2007CB307100, 2007CB307103)+1 种基金Program for New Century Excellent Talents in University (No. NCET-04-0111 )Development Fund Project for Electronic and Information Industry (Mobile Service and Application System Based on 3G)
文摘To reduce the potential signaling traffic in IP multimedia subsystem (IMS), the session establishment procedures were investigated. The serving call session eontrol function (S-CSCF) is the major bottleneck in IMS and the existing 3GPP service triggering algorithm (STA) based on initial filter eriteria (iFC) increases the end-to-end session setup delay remarkably. To reduce the session setup delay and improve the system performanee, a SIP response message based filter criteria (rFC) was proposed. Based on the rFC, a SIP response message based STA (RSTA) was further proposed. The modeling and theoretical analysis of 3GPP STA and RSTA were presented. Simulation results show that, compared with 3GPP STA, the RSTA can avoid the additional signaling traffie load of the S-CSCF and application server (AS) effectively, reduce the session setup delay eonsiderably, increase the throughput of the S-CSCF and improve the quality of service (QoS) of IMS network.
基金supported by National Key Basic Research Program of China(973 program)under Grant No.2012CB315905National Natural Science Foundation of China under grants 61172048,61100184,60932005 and 61201128the Fundamental Research Funds for the Central Universities under Grant No ZYGX2011J007
文摘HTTP-flooding attack disables the victimized web server by sending a large number of HTTP Get requests.Recent research tends to detect HTTP-flooding with the anomaly-based approaches,which detect the HTTP-flooding by modeling the behavior of normal web surfers.However,most of the existing anomaly-based detection approaches usually cannot filter the web-crawling traces from unknown searching bots mixed in normal web browsing logs.These web-crawling traces can bias the base-line profile of anomaly-based schemes in their training phase,and further degrade their detection performance.This paper proposes a novel web-crawling tracestolerated method to build baseline profile,and designs a new anomaly-based HTTP-flooding detection scheme(abbr.HTTP-sCAN).The simulation results show that HTTP-sCAN is immune to the interferences of unknown webcrawling traces,and can detect all HTTPflooding attacks.
