Anomaly based DDoS Attack Detection

Distributed denial-of-service (DDoS) attacks pose a serious threat to network security. Several methods have been introduced to reduce the damage. However, most of these methods have been found unable to detect the attack in real time with high detection accuracy. This paper presents a simple yet effective method to detect DDoS attacks for all possible attack scenarios given by Mirkovic [1], viz. constant rate, pulsing rate, increasing rate and sub-group. The proposed method is validated using the well-known CAIDA dataset.

General Terms: Pattern Recognition, Security.

[1] Manish Parashar, et al. Cooperative Defence Against DDoS Attacks, 2006, J. Res. Pract. Inf. Technol.

[2] Antonio Pescapè, et al. A cascade architecture for DoS attacks detection based on the wavelet transform, 2009, J. Comput. Secur.

[3] Kai Hwang, et al. NetShield: Protocol Anomaly Detection with Datamining Against DDoS Attacks, 2003.

[4] Ming Li, et al. A New Approach for Detecting DDoS Attacks Based on Wavelet Analysis, 2009, 2009 2nd International Congress on Image and Signal Processing.

[5] Srinivasan Seshan, et al. Detecting DDoS Attacks on ISP Networks, 2003.

[6] A. Rungsawang, et al. Distributed denial of service detection using TCP/IP header and traffic measurement analysis, 2004, IEEE International Symposium on Communications and Information Technology, 2004. ISCIT 2004.

[7] Ki Hoon Kwon, et al. DDoS attack detection method using cluster analysis, 2008, Expert Syst. Appl.

[8] Erol Gelenbe, et al. A self-aware approach to denial of service defence, 2007, Comput. Networks.

[9] Jianping Yin, et al. DDoS Attack Detection Method Based on Linear Prediction Model, 2009, ICIC.

[10] Gyungho Lee, et al. DDoS Attack Detection and Wavelets, 2003, Proceedings. 12th International Conference on Computer Communications and Networks (IEEE Cat. No.03EX712).

[11] Chin-Ling Chen. A New Detection Method for Distributed Denial-of-Service Attack Traffic based on Statistical Test, 2009, J. Univers. Comput. Sci.

[12] Dhruba Kumar Bhattacharyya, et al. A DDoS attack detection mechanism based on protocol specific traffic features, 2012, CCSEIT '12.

[13] Wuu Yang, et al. DDoS Detection and Traceback with Decision Tree and Grey Relational Analysis, 2009, 2009 Third International Conference on Multimedia and Ubiquitous Engineering.

[14] Ruby B. Lee, et al. Distributed Denial of Service: Taxonomies of Attacks, Tools, and Countermeasures, 2004, PDCS.

[15] Yongsun Choi, et al. Proactive Detection of DDoS Attacks Utilizing k-NN Classifier in an Anti-DDos Framework, 2010.

[16] Dimitris Gavrilis, et al. Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features, 2005, Comput. Networks.

[17] Georgios Loukas, et al. A Denial of Service Detector based on Maximum Likelihood Detection and the Random Neural Network, 2007, Comput. J.

[18] N. Jeyanthi, et al. An Entropy Based Approach to Detect and Distinguish DDoS Attacks from Flash Crowds in VoIP Networks, 2012, Int. J. Netw. Secur.

[19] Kai Hwang, et al. Distributed Change-Point Detection of DDoS Attacks over Multiple Network Domains, 2006.

[20] Rajkumar Buyya, et al. Informatica - An International Journal of Computing and Informatics, 1999.

[21] Ahmad Faraahi, et al. An Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks, 2011.

[22] C. E. Shannon, et al. A mathematical theory of communication, 1948, MOCO.

[23] Farouk Kamoun, et al. Joint Entropy Analysis Model for DDoS Attack Detection, 2009, 2009 Fifth International Conference on Information Assurance and Security.

[24] Hong Zhu, et al. NetBouncer: client-legitimacy-based high-performance DDoS filtering, 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[25] Raphael C.-W. Phan, et al. Augmented Attack Tree Modeling of Distributed Denial of Services and Tree Based Attack Detection Method, 2010, 2010 10th IEEE International Conference on Computer and Information Technology.

[26] Jelena Mirkovic, et al. Attacking DDoS at the source, 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings.

[27] Jianhua Li, et al. Enhancing DDoS Flood Attack Detection via Intelligent Fuzzy Logic, 2010, Informatica.

[28] Sang Joon Kim, et al. A Mathematical Theory of Communication, 2006.

[29] Thiagarajan Hamsapriya, et al. Statistical Segregation Method to Minimize the False Detections During DDoS Attacks, 2011, Int. J. Netw. Secur.

[30] Vyas Sekar, et al. LADS: Large-scale Automated DDoS Detection System, 2006, USENIX Annual Technical Conference, General Track.