论文信息 - Estimating Strength of a DDoS Attack Using Multiple Regression Analysis

Estimating Strength of a DDoS Attack Using Multiple Regression Analysis

Anomaly based DDoS detection systems construct profile of the traffic normally seen in the network, and identify anomalies whenever traffic deviate from normal profile beyond a threshold. This extend of deviation is normally not utilized. This paper reports the evaluation results of proposed approach that utilizes this extend of deviation from detection threshold, to estimate strength of DDoS attack using multiple regression model. A relationship is established between strength of DDoS attacks and observed deviation in sample entropy. Various statistical performance measures, such as Coefficient of determination (R2), Coefficient of Correlation (CC), Sum of Square Error (SSE), Mean Square Error (MSE), Root Mean Square Error (RMSE), Normalized Mean square Error (NMSE), Nash–Sutcliffe Efficiency Index (η) and Mean Absolute Error (MAE) are used to measure the performance of the regression model. Internet type topologies used for simulation are generated using Transit-Stub model of GT-ITM topology generator. NS-2 network simulator on Linux platform is used as simulation test bed for launching DDoS attacks with varied attack strengths. The simulation results are promising as we are able to estimate strength of DDoS attack efficiently with very less error rate using multiple regression model.

Manoj Misra | Brij B. Gupta | Ramesh C. Joshi | P. K. Agrawal

[1] Dean P. Foster,et al. The risk inflation criterion for multiple regression , 1994 .

[2] B. B. Gupta,et al. Dynamic and Auto Responsive Solution for Distributed Denial-of-Service Attacks Detection in ISP Network , 2012, ArXiv.

[3] D. Lindley. Regression and Correlation Analysis , 1990 .

[4] B. B. Gupta,et al. FVBA: A combined statistical approach for low rate degrading and high bandwidth disruptive DDoS attacks detection in ISP domain , 2008, 2008 16th IEEE International Conference on Networks.

[5] B. B. Gupta,et al. An ISP Level Solution to Combat DDoS Attacks using Combined Statistical Based Approach , 2012, ArXiv.

[6] D. J. Allerton,et al. Book Review: GPS theory and practice. Second Edition, HOFFMANNWELLENHOFF B., LICHTENEGGER H. and COLLINS J., 1993, 326 pp., Springer, £31.00 pb, ISBN 3-211-82477-4 , 1995 .

[7] David A. Freedman,et al. Statistical Models: Theory and Practice: References , 2005 .

[8] B. B. Gupta,et al. Defending against Distributed Denial of Service Attacks: Issues and Challenges , 2009, Inf. Secur. J. A Glob. Perspect..

[9] Stefan Savage,et al. Inferring Internet denial-of-service activity , 2001, TOCS.