Wavelet analysis method for detection of DDoS attack on the basis of self-similarity

As the traditional methods were not suitable for the detection of small distribute denial of service (DDoS) attack and identification of busy traffic, on the basis of the influence of DDoS attack, one wavelet analysis method was proposed. Wavelet method of coefficient variance analysis was deduced and a software model for the method was designed. In addition, key issues of the choice of wavelet and calculation of Hurst were resolved. The experimental results show that the proposed method has more advantages in accurately identifying busy traffic and detection of small DDoS attack.

[1]  Rocky K. C. Chang,et al.  Defending against flooding-based distributed denial-of-service attacks: a tutorial , 2002, IEEE Commun. Mag..

[2]  Jiang Shi-qi Abnormity Detection of Network Traffic Applied Self-Similarity Analysis of Network Traffics , 2003 .

[3]  Sally Floyd,et al.  Wide area traffic: the failure of Poisson modeling , 1995, TNET.

[4]  Ingrid Daubechies,et al.  Ten Lectures on Wavelets , 1992 .

[5]  Guizhong Liu,et al.  Wavelet-based analysis of hurst parameter estimation for self-similar traffic , 2002, 2002 IEEE International Conference on Acoustics, Speech, and Signal Processing.

[6]  Patrice Abry,et al.  Wavelet Analysis of Long-Range-Dependent Traffic , 1998, IEEE Trans. Inf. Theory.

[7]  Sun Qin Detecting Distributed Denial of Service Attacks Based on Time Series Analysis , 2005 .

[8]  Stuart Harvey Rubin,et al.  Distributed denial of service attacks , 2000, Smc 2000 conference proceedings. 2000 ieee international conference on systems, man and cybernetics. 'cybernetics evolving to systems, humans, organizations, and their complex interactions' (cat. no.0.

[9]  Walter Willinger,et al.  On the self-similar nature of Ethernet traffic , 1993, SIGCOMM '93.