Measurements and analysis of end-to-end Internet dynamics
Measurements and analysis of end-to-end Internet dynamics
Service specific anomaly detection for network intrusion detection
Proceedings of the 2002 ACM symposium on Applied computing
A signal analysis of network traffic anomalies
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Denial-of-Service Attack-Detection Techniques
IEEE Internet Computing
Network intrusion detection in covariance feature space
Pattern Recognition
Detecting Denial-of-Service attacks using the wavelet transform
Computer Communications
DDoS attack detection method using cluster analysis
Expert Systems with Applications: An International Journal
Probabilistic techniques for intrusion detection based on computer audit data
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Hi-index | 0.00 |
Distribution denial-of-service (DDoS) constitutes one of the major threats and among the hardest security problems in today's Internet. However, DDoS detection techniques, such as signature-based detection, anomaly-based detection, and wavelet-based signal analysis, face the considerable challenge of determining network-based flooding attacks from sudden increases in legitimate activity or flash events. In this paper, we study the basic characteristic of network traffic, and propose a method for meeting the challenge. By taking full advantage of known traffic in normal state, we design a detection algorithm for dealing with DDoS attacks. We have carried out experiments with actual data to evaluate the algorithm. The results show that it can recognize DDoS attacks.