Research on the Detection of Distributed Denial of Service Attacks Based on the Characteristics of IP Flow

Authors:
Dongqi Wang;Guiran Chang;Xiaoshuo Feng;Rui Guo
Affiliations:
Northeastern University, Shenyang, China;Northeastern University, Shenyang, China;Northeastern University, Shenyang, China;Northeastern University, Shenyang, China
Venue:
NPC '08 Proceedings of the IFIP International Conference on Network and Parallel Computing
Year:
2008

Citing 5
Cited 1

Detecting Incoming and Outgoing DDoS Attacks at the Edge Using a Single Set of Network Characteristics

ISCC '05 Proceedings of the 10th IEEE Symposium on Computers and Communications
A Novel Model for Detecting Application Layer DDoS Attacks

IMSCCS '06 Proceedings of the First International Multi-Symposiums on Computer and Computational Sciences - Volume 2 (IMSCCS'06) - Volume 02
Intelligent DDoS packet filtering in high-speed networks

ISPA'05 Proceedings of the Third international conference on Parallel and Distributed Processing and Applications
Toward modeling lightweight intrusion detection system through correlation-based hybrid feature selection

CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
A new DDoS detection model using multiple SVMs and TRA

EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing

Distributed denial of service attack detection using an ensemble of neural classifier

Computer Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

IP Flow is classified into the Micro-flow and the Macro-flow, which provides a way of selecting proper features used to detect DDoS. Five abstracted features' capabilities of recognizing DDoS are analyzed through experiments. With these features as inputs, a neural network classifier is used to detect DDoS. Experiments' results show that these IP Flow based features can be very helpful to DDoS detection if they are put together.