Distributed denial of service (DDoS) attacks are one of the major threats to the current Internet. After analyzing the characteristics of DDoS attacks and the existing algorithms for detecting them, this paper proposes a novel detection algorithm for DDoS attacks based on the IP address features value (IAFV). IAFV is designed to reflect the essential characteristics of DDoS attacks, such as abrupt traffic change, flow dissymmetry, distributed source IP addresses and concentrated target IP addresses. The IAFV time series can be used to characterize the essential change features of network flows. Furthermore, a trained support vector machine (SVM) classifier is applied to identify DDoS attacks. The experimental results on the MIT data set show that our algorithm can detect DDoS attacks accurately and reduce the false alarm rate drastically.