Open AccessJournal Article
DDoS attacks detection model and its application
Muhai Li,Ming Li,Xiuying Jiang +2 more
Reads0
Chats0
TLDR
This paper gives a model for detecting DDoS attacks based on network traffic feature to solve the problem above and designs its implementation algorithm, and evaluation result shows that it can identifyDDoS attacks.Abstract:
With the proliferation of Internet applications and network-centric services, network and system security issues are more important than before. In the past few years, cyber attacks, including distributed denial-of-service (DDoS) attacks, have a significant increase on the Internet, resulting in degraded confidence and trusts in the use of Internet. However, the present DDoS attack detection techniques face a problem that they cannot distinguish flooding attacks from abrupt changes of legitimate activity. In this paper, we give a model for detecting DDoS attacks based on network traffic feature to solve the problem above. In order to apply the model conveniently, we design its implementation algorithm. By using actual data to evaluate the algorithm, the evaluation result shows that it can identify DDoS attacks.read more
Citations
More filters
Journal ArticleDOI
Defending against Distributed Denial of Service Attacks: Issues and Challenges
TL;DR: A comprehensive study of a wide range of DDoS attacks and defense methods proposed to combat them is presented to provide better understanding of the problem, current solution space, and future research scope to defend against DDoS attack.
Journal Article
An Entropy Based Approach to Detect and Distinguish DDoS Attacks from Flash Crowds in VoIP Networks
N. Jeyanthi,N. Ch. S. N. Iyengar +1 more
TL;DR: The tra‐c condition and the purpose of dealings varies which helps in outwitting the attackers are observed and the entropy packet analysis is used to minimize the tra‐ c reaching the server.
Proceedings ArticleDOI
A New Approach for Detecting DDoS Attacks Based on Wavelet Analysis
TL;DR: A model for detecting DDoS attacks automatically is proposed using discrete wavelet transform (DWT) technique and good results are obtained in terms of tradeoff between correct detections and false alarms.
Journal ArticleDOI
An Adaptive Approach for Defending against DDoS Attacks
TL;DR: An adaptive approach is introduced, which is used for defending against DDoS attacks, based on normal traffic analysis, and it is indicated that the nonlinear control approach can prevent the malicious attack packets effectively while making legitimate traffic flows arrive at the victim.
Journal ArticleDOI
Performance Evaluation and Comparison of Network Firewalls under DDoS Attack
Chirag Sheth,Rajesh A. Thakker +1 more
TL;DR: It is attempted to identify various firewall DDoS performance parameters which can be considered during DDoS attack and intelligence is applied in PF firewall rulebase to mitigate DDoS.
References
More filters
Proceedings Article
Bro: a system for detecting network intruders in real-time
TL;DR: Bro as mentioned in this paper is a stand-alone system for detecting network intruders in real-time by passively monitoring a network link over which the intruder's traffic transits, which emphasizes high-speed (FDDI-rate) monitoring, realtime notification, clear separation between mechanism and policy and extensibility.
Journal ArticleDOI
Bro: a system for detecting network intruders in real-time
Vern Paxson,Vern Paxson +1 more
TL;DR: An overview of the Bro system's design, which emphasizes high-speed (FDDI-rate) monitoring, real-time notification, clear separation between mechanism and policy, and extensibility, is given.
Proceedings ArticleDOI
A signal analysis of network traffic anomalies
TL;DR: This paper reports results of signal analysis of four classes of network traffic anomalies: outages, flash crowds, attacks and measurement failures, and shows that wavelet filters are quite effective at exposing the details of both ambient and anomalous traffic.
Journal ArticleDOI
Honeycomb: creating intrusion detection signatures using honeypots
Christian Kreibich,Jon Crowcroft +1 more
TL;DR: A system for automated generation of attack signatures for network intrusion detection systems that successfully created precise traffic signatures that otherwise would have required the skills and time of a security officer to inspect the traffic manually.
Related Papers (5)
Two-Layer Approach for Mixed High-Rate and Low-Rate Distributed Denial of Service (DDoS) Attack Detection and Filtering
Sinan Toklu,Mehmet Şimşek +1 more
Statistical Anomaly Detection of DDoS Attacks Using K-Nearest Neighbour
Thwe Thwe Oo,Thandar Phyu +1 more