Adaptive Intrusion Detection: A Data Mining Approach
Artificial Intelligence Review - Issues on the application of data mining
Multivariate Statistical Analysis of Audit Trails for Host-Based Intrusion Detection
IEEE Transactions on Computers
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
Internet Denial of Service: Attack and Defense Mechanisms (Radia Perlman Computer Networking and Security)
Detecting Denial-of-Service attacks using the wavelet transform
Computer Communications
Defending against flooding-based distributed denial-of-service attacks: a tutorial
IEEE Communications Magazine
Hi-index | 0.00 |
With the rapid development of network, a variety of abnormal flow including the most popular DDoS attacks appear in the network, these abnormal flow greatly limit the Internet providing normal bandwidth services to the normal users. It is difficult to correctly distinguish the legitimate burst flow and the DDoS attacks by using the unilateral flow to analyze and detect the anomaly flow, so we propose a bidirectional-based DDoS detection mechanism. The detection mechanism put forward a state model which includes eight kinds of nodes by analyzing the input and output flow of the network nodes and the relationship between the input and output flow. Through the further analysis of the state model, we can distinguish the abnormal flow and the legitimate burst flow. The detection mechanism plays a timely role in early warning and prevention. The simulation results show that the bidirectional-based DDoS detection mechanism is effective and feasible.