 |
Institut de recherche en informatique et systèmes aléatoires |  |
|
Institut de recherche en informatique et systèmes aléatoires | |
| HAL : hal-00677077, version 1 |
| Fiche détaillée |  Récupérer au format |
 |
| Ninth European Dependable Computing Conference (EDCC 2012), Sibiu : Romania (2012) |
|
|
|
|
| AnKLe: Detecting Attacks in Large Scale Systems via Information Divergence |
|
|
| Emmanuelle Anceaume 1, 2Yann Busnel 3 |
|
|
| LINA-GDD; IRISA-CIDER; IRISA-CIDRE Collaboration(s) |
|
|
| (05/2012) |
|
|
|
| In this paper, we consider the setting of large scale distributed systems, in which each node needs to quickly process a huge amount of data received in the form of a stream that may have been tampered with by an adversary. In this situation, a fundamental problem is how to detect and quantify the amount of work performed by the adversary. To address this issue, we propose AnKLe (for Attack-tolerant eNhanced Kullback- Leibler divergence Estimator), a novel algorithm for estimating the KL divergence of an observed stream compared to the expected one. AnKLe com- bines sampling techniques and information-theoretic methods. It is very efficient, both in terms of space and time complexities, and requires only a single pass over the data stream. Experimental results show that the estimation provided by AnKLe remains accurate even for different adversarial settings for which the quality of other methods dramatically decreases. |
|
|
|
|
|
|
|
|
|
|
|
| 1 : | CIDER (IRISA) |
|
|
|
Université de Rennes 1 – Institut National des Sciences Appliquées (INSA) - Rennes – CNRS : UMR6074 |
|
|
| 2 : | CIDRE (INRIA - SUPELEC) |
|
|
|
INRIA – SUPELEC |
|
|
| 3 : | Laboratoire d'Informatique de Nantes Atlantique (LINA) |
|
|
|
CNRS : UMR6241 – Université de Nantes – École Nationale Supérieure des Mines - Nantes |
|
|
|
|
|
|
|
|
|
| Domaine | : | Informatique/Calcul parallèle, distribué et partagé Informatique/Théorie de l'information et codage Mathématiques/Théorie de l'information et codage |
|
|
| Data Stream – Kullback-Leibler Diver- gence – Sampling – Byzantine Adversary – Scalability – Performance Analysis |
|
|
|
| Liste des fichiers attachés à ce document : | |||||
|
|||||
|
|
|
| hal-00677077, version 1 | |
| http://hal.archives-ouvertes.fr/hal-00677077 | |
| oai:hal.archives-ouvertes.fr:hal-00677077 | |
| Contributeur : Yann Busnel | |
| Soumis le : Mercredi 7 Mars 2012, 13:45:37 | |
| Dernière modification le : Lundi 1 Octobre 2012, 09:08:29 | |
