DaSSWeb – Data Science and Statistics Webinar
Tuesday 29 June, 14:30
Speaker: M. Rosário Oliveira CEMAT and Mathematics Department, Instituto Superior Técnico, Univ. Lisboa
Title: Detection of Internet Traffic Redirection Attacks using Histogram Principal Component Analysis
Zoom link: videoconf-colibri.zoom.us/j/87373848710
Abstract: Internet security is a major concern for users and Internet Service Providers, since successful attacks can produce substantial damage. Illicit Internet traffic redirection cause man-in-the-middle attacks, in which a malicious agent secretly intercepts the traffic between two hosts connected to the Internet. The attack may be aimed at gaining access to sensitive information from the victim, monitoring its online activity, causing network delay, among other motivations.
To identify traffic redirection attacks we had access to measurements obtained from a worldwide distributed probing platform, designed to detect routing variations based on round-trip-times (RTT) deviations inferred from multiple and disperse geographic locations. At each timestamp, various measurements are collected and summarized by histograms. We propose anomaly detection methods based on histogram principal component analysis. To do so, we discuss how to define a weighted sum of histogram-valued data and how to use the projected data on the first histogram principal component to successfully detect traffic redirections attacks.
This is a joint work with Ana Subtil, Eduardo Mendes, and Lina Oliveira.
***********************************************************************
DaSSWeb_MRosarioOliveira.pdf