Distributed Denial of Service (DDoS) attacks generate an enormous number of packets from a large number of agents and can easily exhaust the computing and communication resources of a victim within a short period of time. In this paper, we propose a method for proactive detection of DDoS attacks that exploits the attack architecture, which consists of the selection of handlers and agents, the communication and compromise, and the attack itself. We examine the procedures of a DDoS attack and select variables based on these features. We then perform cluster analysis for proactive detection of the attack. We evaluate our method on the 2000 DARPA Intrusion Detection Scenario Specific Data Set. The results show that each phase of the attack scenario is partitioned well and that we can detect precursors of a DDoS attack as well as the attack itself.