Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Time Series Analysis: Forecasting and Control
Time Series Analysis: Forecasting and Control
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
Distributed-Log-based Scheme for IP Traceback
CIT '05 Proceedings of the The Fifth International Conference on Computer and Information Technology
Denial-of-Service Attack-Detection Techniques
IEEE Internet Computing
Denial of Service against the Domain Name System
IEEE Security and Privacy
Low-rate TCP-targeted denial of service attacks and counter strategies
IEEE/ACM Transactions on Networking (TON)
Proactive model for Mitigating Internet Denial-of-Service Attacks
ITNG '07 Proceedings of the International Conference on Information Technology
How well can congestion pricing neutralize denial of service attacks?
Proceedings of the 12th ACM SIGMETRICS/PERFORMANCE joint international conference on Measurement and Modeling of Computer Systems
A DDoS attack detection mechanism based on protocol specific traffic features
Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology
| Hi-index | 0.00 |
Denial-of-Service (DoS) attacks especially distributed DoS (DDoS) attacks have become significant and increasing threats to the Internet. Huge efforts from both academia and industry have been made on detection and defense of DDoS attacks. However, most detection and defense schemes do not directly aim at protecting the victim of attacks itself (e.g., servers) but attack sources or intermediate network units. Although locating and identifying attacking sources are critical to stop attacks and for legal procedure, rapid and efficient predicting DDoS attacks to happen in the server is more important to reduce damage caused by attacks and even prevent attacks from happening. However, this part has not been addressed sufficiently in the literature. In this paper, we first briefly review research efforts on DDoS attacks, and then discuss a method to define and quantify attacks to severs based on available service rates. This is because the server is often the direct victim of DDoS attacks and the one-point failure of the entire service system. No matter whether there are attacks undergoing, if a sever is overloaded even by normal service requests, the effect imposed to a service system is equivalent to that of attacks. A prediction method for the available service rate of the protected server is then proposed, which applies the Auto Regressive Integrated Auto Regressive (ARIMA) model. Finally, we investigate the proposed prediction method to predict DDoS attacks through simulation studies with NS2. The simulation results show that the prediction algorithm is effective to predict most attacks.