论文信息 - Research on the Detection of Distributed Denial of Service Attacks Based on the Characteristics of IP Flow

Research on the Detection of Distributed Denial of Service Attacks Based on the Characteristics of IP Flow

IP Flow is classified into the Micro-flow and the Macro-flow, which provides a way of selecting proper features used to detect DDoS. Five abstracted features' capabilities of recognizing DDoS are analyzed through experiments. With these features as inputs, a neural network classifier is used to detect DDoS. Experiments' results show that these IP Flow based features can be very helpful to DDoS detection if they are put together.

Rui Guo | Guiran Chang | Dongqi Wang | Xiaoshuo Feng

[1] Sui Song,et al. Flow-based Statistical Aggregation Schemes for Network Anomaly Detection , 2006, 2006 IEEE International Conference on Networking, Sensing and Control.

[2] Gavrilis Dimitris,et al. Feature Selection for Robust Detection of Distributed Denial-of-Service Attacks Using Genetic Algorithms , 2004 .

[3] He Da-ke. Time Series Analysis for One-Way Connection Density of Network Flow , 2007 .

[4] Shunzheng Yu,et al. A Novel Model for Detecting Application Layer DDoS Attacks , 2006, First International Multi-Symposiums on Computer and Computational Sciences (IMSCCS'06).

[5] Jung-Taek Seo,et al. A New DDoS Detection Model Using Multiple SVMs and TRA , 2005, EUC Workshops.

[6] Feng Deng. A Data-Mining Based DoS Detection Technique , 2006 .

[7] Wanlei Zhou,et al. Intelligent DDoS Packet Filtering in High-Speed Networks , 2005, ISPA.

[8] Gong Jian,et al. A Real-Time Anomaly Detection Model Based on Sampling Measurement in a High-Speed Network , 2003 .

[9] Dong Seong Kim,et al. Toward Modeling Lightweight Intrusion Detection System Through Correlation-Based Hybrid Feature Selection , 2005, CISC.

[10] Basil S. Maglaris,et al. Detecting incoming and outgoing DDoS attacks at the edge using a single set of network characteristics , 2005, 10th IEEE Symposium on Computers and Communications (ISCC'05).