A method of run-time detecting DDos attacks

  • Authors:
  • Muhai Li;Ming Li

  • Affiliations:
  • School of Information Science & Technology, East China Normal University, Shanghai, PR. China and Department of Computer Science, Zaozhuang University, Shandong, PR. China;School of Information Science & Technology, East China Normal University, Shanghai, PR. China

  • Venue:
  • ICCOMP'08 Proceedings of the 12th WSEAS international conference on Computers
  • Year:
  • 2008

Quantified Score

Hi-index 0.00

Visualization

Abstract

Distribution denial-of-service (DDoS) constitutes one of the major threats and among the hardest security problems in today's Internet. However, DDoS detection techniques, such as signature-based detection, anomaly-based detection, and wavelet-based signal analysis, face the considerable challenge of determining network-based flooding attacks from sudden increases in legitimate activity or flash events. In this paper, we study the basic characteristic of network traffic, and propose a method for meeting the challenge. By taking full advantage of known traffic in normal state, we design a detection algorithm for dealing with DDoS attacks. We have carried out experiments with actual data to evaluate the algorithm. The results show that it can recognize DDoS attacks.