A multi-core based DDoS detection method

It is becoming increasingly difficult to implement an effective DDoS defense system, because (1) the rising sophistication of DDoS attacks requires more complex analysis to detect, and (2) Internet traffic keeps growing, which requires a more powerful system to monitor. Taking advantage of the great improvement in multi-core technology, this work proposes a multi-core based DDoS detection system (MIFDDS). MIFDDS is a redesign of the IP flow based DDoS detection system (IFDDS) [1]. In MIFDDS, multi-core methodology is used to achieve high detection efficiency. Experimental results show that MIFDDS maintained the good detection precision of IFDDS and increased detection speed; MIFDDS consumed more RAM, but not too much; and MIFDDS also improved CPU efficiency.

[1] Joseph JáJá, et al. An Introduction to Parallel Algorithms, 1992.

[2] S. Sitharama Iyengar, et al. Introduction to parallel algorithms, 1998, Wiley series on parallel and distributed computing.

[3] Shrisha Rao, et al. Content-Split Based Effective String-Matching for Multi-Core Based Intrusion Detection Systems, 2009, 2009 First International Conference on Computational Intelligence, Communication Systems and Networks.

[4] Wanlei Zhou, et al. Multi-Core Defense System (MSDS) for Protecting Computer Infrastructure against DDoS Attacks, 2008, 2008 Ninth International Conference on Parallel and Distributed Computing, Applications and Technologies.

[5] Vern Paxson, et al. An architecture for exploiting multi-core processors to parallelize network intrusion prevention, 2007, 2007 IEEE Sarnoff Symposium.

[6] Xiang Yang, et al. A Multi-core Supported Intrusion Detection System, 2008, 2008 IFIP International Conference on Network and Parallel Computing.

[7] Vern Paxson, et al. An architecture for exploiting multi-core processors to parallelize network intrusion prevention, 2007.

[8] B. Nithya, et al. Implementing Intrusion Detection System for Multicore Processor, 2009, ARTCom.

[9] Wanlei Zhou, et al. Multi-classifier Classification of Spam Email on a Ubiquitous Multi-core Architecture, 2008, 2008 IFIP International Conference on Network and Parallel Computing.

[10] Rui Guo, et al. Research on the Detection of Distributed Denial of Service Attacks Based on the Characteristics of IP Flow, 2008, NPC.

[11] Wanlei Zhou, et al. Protecting Information Systems from DDoS Attack Using Multicore Methodology, 2008, 2008 IEEE 8th International Conference on Computer and Information Technology Workshops.