Detection of DDoS Traffic by Using the Technical Analysis Used in the Stock Market

We propose a method for detecting Distributed Denial of Service (DDoS) traffic in real time inside the network. For this purpose, we borrow the concepts of Moving Average Convergence Divergence (MACD), Rate of Change (ROC), and Relative Strength Index (RSI), which are used for technical analysis in the stock market. Because the method is based on a quantitative, rather than a heuristic, detection level, DDoS traffic can be detected with greater accuracy (by reducing the false alarm ratio). Through the detection algorithm and simulation results, we show how the detection level is determined and demonstrate the degree to which the accuracy of detection is enhanced.
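
To make the three borrowed indicators concrete, the following added example (not the paper's algorithm or code) computes MACD, ROC and RSI over a packets-per-second series and flags the seconds where all three agree. The periods, the thresholds `roc_min` and `rsi_min`, the `detect` function and the sample traffic are assumptions constructed for illustration.

```python
# Added illustration, not the paper's algorithm: MACD, ROC and RSI computed over
# a packets-per-second series. Periods and thresholds are assumed defaults.

def ema(series, period):
    """Exponential moving average, seeded with the first sample."""
    alpha, out = 2.0 / (period + 1), [float(series[0])]
    for x in series[1:]:
        out.append(alpha * x + (1 - alpha) * out[-1])
    return out

def macd_histogram(series, fast=12, slow=26, signal=9):
    """MACD line (fast EMA - slow EMA) minus its signal-line EMA."""
    macd = [f - s for f, s in zip(ema(series, fast), ema(series, slow))]
    return [m - s for m, s in zip(macd, ema(macd, signal))]

def roc(series, period=5):
    """Percent change against the sample `period` steps back (None if unavailable)."""
    out = [None] * len(series)
    for i in range(period, len(series)):
        if series[i - period]:
            out[i] = 100.0 * (series[i] - series[i - period]) / series[i - period]
    return out

def rsi(series, period=14):
    """RSI from simple sums of gains and losses over the last `period` deltas."""
    out = [None] * len(series)
    for i in range(period, len(series)):
        deltas = [series[j] - series[j - 1] for j in range(i - period + 1, i + 1)]
        gain = sum(d for d in deltas if d > 0)
        loss = -sum(d for d in deltas if d < 0)
        if gain == 0 and loss == 0:
            out[i] = 50.0          # flat traffic: neutral reading
        elif loss == 0:
            out[i] = 100.0         # only increases in the window
        else:
            out[i] = 100.0 - 100.0 / (1.0 + gain / loss)
    return out

def detect(pps, roc_min=100.0, rsi_min=70.0):
    """Indices where all three indicators agree on a sustained upward surge."""
    hist, r, s = macd_histogram(pps), roc(pps), rsi(pps)
    return [i for i in range(len(pps))
            if hist[i] > 0 and r[i] is not None and r[i] >= roc_min
            and s[i] is not None and s[i] >= rsi_min]

# Constructed sample: 30 s of ~1000 pps baseline with jitter, then a flood ramp.
BASELINE = [1000 + (i % 3 - 1) * 20 for i in range(30)]
FLOOD = [3000, 6000, 9000, 12000, 12000, 12000]

if __name__ == "__main__":
    print(detect(BASELINE + FLOOD))  # indices of the flagged seconds
```

Requiring agreement between the three indicators is what keeps the baseline jitter from raising alerts here: the jitter alone moves ROC by only a few percent, far below the assumed threshold.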
