Low-Rate and High-Rate Distributed DoS Attack Detection Using Partial Rank Correlation

Distributed Denial of Service (DDoS) attacks pose a serious threat to efficient and uninterrupted Internet services. During Distributed Denial of Service (DDoS), attackers make fool of innocent servers (i.e., Slave) into reddening packets to the victim. Most low-rate DDoS attack detection mechanisms are associated with specific protocols used by the attacks. Due to the use of slave, it has been found that the traffic flow for such an attack and their response flow to the victim may have linear relationships with another. Based on this observation, we propose the Partial Rank Correlation-based Detection (PRCD) scheme to detect both low-rate and high-rate DDoS attacks. Our experimental results confirm theoretical analysis and demonstrate the effectiveness of the proposed scheme in practice.

[1]  G. Manimaran,et al.  Distributed packet pairing for reflector based DDoS attack mitigation , 2006, Comput. Commun..

[2]  Jelena Mirkovic,et al.  D-WARD: a source-end defense against flooding denial-of-service attacks , 2005, IEEE Transactions on Dependable and Secure Computing.

[3]  Song Guo,et al.  Discriminating DDoS Attacks from Flash Crowds Using Flow Correlation Coefficient , 2012, IEEE Transactions on Parallel and Distributed Systems.

[4]  Jun Zhang,et al.  Network Traffic Classification Using Correlation Information , 2013, IEEE Transactions on Parallel and Distributed Systems.

[5]  Yonghong Chen,et al.  DDoS Detection Method Based on Chaos Analysis of Network Traffic Entropy , 2014, IEEE Communications Letters.

[6]  Jugal K. Kalita,et al.  Survey on Incremental Approaches for Network Anomaly Detection , 2011, Int. J. Commun. Networks Inf. Secur..

[7]  A. Rényi On Measures of Entropy and Information , 1961 .

[8]  D. Goyal,et al.  A Rank Correlation Based Detection against Distributed Reflection DoS Attacks , 2014 .

[9]  Jugal K. Kalita,et al.  AOCD: An Adaptive Outlier Based Coordinated Scan Detection Approach , 2012, Int. J. Netw. Secur..

[10]  Nirwan Ansari,et al.  Detecting DRDoS attacks by a simple response packet confirmation mechanism , 2008, Comput. Commun..

[11]  Vern Paxson,et al.  An analysis of using reflectors for distributed denial-of-service attacks , 2001, CCRV.

[12]  Lee Garber,et al.  Denial-of-Service Attacks Rip the Internet , 2000, Computer.

[13]  Jugal K. Kalita,et al.  Network Anomaly Detection: Methods, Systems and Tools , 2014, IEEE Communications Surveys & Tutorials.

[14]  Stefan Savage,et al.  Inferring Internet denial-of-service activity , 2001, TOCS.