Deciding Optimal Entropic Thresholds to Calibrate the Detection Mechanism for Variable Rate DDoS Attacks in ISP Domain

  • Authors:
  • Anjali Sardana;Ramesh Joshi;Tai-hoon Kim

  • Venue:
  • ISA '08 Proceedings of the 2008 International Conference on Information Security and Assurance (isa 2008)
  • Year:
  • 2008

Abstract

High-bandwidth DDoS attacks consume more resources and have a direct impact at the ISP level, in contrast to low-rate DDoS attacks, which lead to graceful degradation of the network and are mostly undetectable. Although an array of detection schemes has been proposed, the current requirement is a real-time DDoS detection mechanism that adapts itself to varying network conditions to give minimum false alarms. We treat DDoS attacks as events that disturb the distribution of traffic features in the ISP domain, reflected by entropic variations on in-stream samples. Next, we propose to calibrate the detection mechanism for minimum false alarm rate by varying the tolerance factor in real time. Simulations are carried out in ns-2 at different attack strengths. We also report our experimental results over the KDD 99 dataset. Results show that the proposed approach is comparable to previously reported approaches, with the advantage of variable-rate attack detection and minimum false alarms.