IEEE Transactions on Software Engineering - Special issue on computer security and privacy
An analysis of using reflectors for distributed denial-of-service attacks
ACM SIGCOMM Computer Communication Review
Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites
Proceedings of the 11th international conference on World Wide Web
Introduction to Reinforcement Learning
Introduction to Reinforcement Learning
ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Multiagent Reinforcement Learning: Theoretical Framework and an Algorithm
ICML '98 Proceedings of the Fifteenth International Conference on Machine Learning
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
Detecting distributed denial of service attacks by sharing distributed beliefs
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
A reinforcement learning approach for host-based intrusion detection using sequences of system calls
ICIC'05 Proceedings of the 2005 international conference on Advances in Intelligent Computing - Volume Part I
Defending against flooding-based distributed denial-of-service attacks: a tutorial
IEEE Communications Magazine
Multi-Agent Reinforcement Learning for Intrusion Detection: A Case Study and Evaluation
MATES '08 Proceedings of the 6th German conference on Multiagent System Technologies
Multi-Agent Reinforcement Learning for Intrusion Detection: A case study and evaluation
Proceedings of the 2008 conference on ECAI 2008: 18th European Conference on Artificial Intelligence
DDoS attack detection using K-Nearest Neighbor classifier method
Telehealth/AT '08 Proceedings of the IASTED International Conference on Telehealth/Assistive Technologies
Distributed denial of service attack detection using an ensemble of neural classifier
Computer Communications
Engineering Applications of Artificial Intelligence
| Hi-index | 0.00 |
In recent years, distributed denial of service (DDoS) attacks have brought increasing threats to the Internet since attack traffic caused by DDoS attacks can consume lots of bandwidth or computing resources on the Internet and the availability of DDoS attack tools has become more and more easy. However, due to the similarity between DDoS attack traffic and transient bursts of normal traffic, it is very difficult to detect DDoS attacks accurately and quickly. In this paper, a novel DDoS detection approach based on Hidden Markov Models (HMMs) and cooperative reinforcement learning is proposed, where a distributed cooperation detection scheme using source IP address monitoring is employed. To realize earlier detection of DDoS attacks, the detectors are distributed in the mediate network nodes or near the sources of DDoS attacks and HMMs are used to establish a profile for normal traffic based on the frequencies of new IP addresses. A cooperative reinforcement learning algorithm is proposed to compute optimized strategies of information exchange among the distributed multiple detectors so that the detection accuracies can be improved without much load on information communications among the detectors. Simulation results on distributed detection of DDoS attacks generated by TFN2K tools illustrate the effectiveness of the proposed method.