The Research of DDoS Attack Detecting Algorithm Based on the Feature of the Traffic

As DDoS attacks can not be detected effectively by traditional methods in time, a DDoS attack detecting algorithm based on the relation of characteristic parameters is researched according to the analysis of the essential characteristic of DDoS. The scheme can detect a DDoS attack traffic in its early stages when the attacking packet's attribute value has no distinct features. It can differentiate DDoS from normal flash crowd traffic. The simulation shows the algorithm is more effective than traditional methods.

[1]  Mooi Choo Chuah,et al.  Packetscore: statistics-based overload control against distributed denial-of-service attacks , 2004, IEEE INFOCOM 2004.

[2]  Mun Choon Chan,et al.  On the effectiveness of DDoS attacks on statistical filtering , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[3]  Ying Huang,et al.  The Early Detection of DDoS Based on the Persistent Increment Feature of the Traffic Volume , 2008, 22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008).

[4]  Wenke Lee,et al.  Proactive Intrusion Detection and Distributed Denial of Service Attacks—A Case Study in Security Management , 2002, Journal of Network and Systems Management.

[5]  H. Jonathan Chao,et al.  ALPi: A DDoS Defense System for High-Speed Networks , 2006, IEEE Journal on Selected Areas in Communications.

[6]  QUTdN QeO,et al.  Random early detection gateways for congestion avoidance , 1993, TNET.

[7]  Huizhong Sun,et al.  A High-Speed PacketScore DDoS Defense System , 2006 .

[8]  H. Jonathan Chao,et al.  High-speed router filter for blocking TCP flooding under DDoS attack , 2003, Conference Proceedings of the 2003 IEEE International Performance, Computing, and Communications Conference, 2003..

[9]  Dawn Xiaodong Song,et al.  FIT: fast Internet traceback , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[10]  H. Jonathan Chao,et al.  Transient performance of PacketScore for blocking DDoS attacks , 2004, 2004 IEEE International Conference on Communications (IEEE Cat. No.04CH37577).