|Author:||T. Gamer, C. Mayer, M. Zitterbart||links:||SlidesBibtex|
|Source:||Second International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2008), 34-40, Cap Esterel, France, August 2008|
Distributed denial-of-service attacks pose unpredictable threats to the Internet infrastructure and Internet-based business. Thus, many attack detection systems and anomaly detection methods were developed in the past. A realistic evaluation of these mechanisms and comparable results, however, are impossible up to now. Furthermore, an adaptation to new situations or an extension of existing systems in most cases is complex and time-consuming. Therefore, we developed a framework for attack detection which allows for an integration of various detection methods as lightweight modules. These modules can be combined easily and arbitrarily and thus, adapted to varying situations. Additionally, our framework can be applied in different runtime environments transparently. This enables an easy evaluation with meaningful and comparable results based on realistic large-scale scenarios, e.g. by using a network simulator.