System identification: theory for the user
System identification: theory for the user
Diagnosing network-wide traffic anomalies
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Low-rate TCP-targeted denial of service attacks and counter strategies
IEEE/ACM Transactions on Networking (TON)
Evaluation of a low-rate DoS attack against iterative servers
Computer Networks: The International Journal of Computer and Telecommunications Networking
DDoS attack detection method using cluster analysis
Expert Systems with Applications: An International Journal
On remote exploitation of TCP sender for low-rate flooding denial-of-service attack
IEEE Communications Letters
Network intrusion and fault detection: a statistical anomaly approach
IEEE Communications Magazine
A DDoS attack detection mechanism based on protocol specific traffic features
Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology
Hi-index | 0.00 |
Distributed denial of service (DDoS) attack is one of the major threats to the current Internet. The IP Flow feature value (FFV) algorithm is proposed based on the essential features of DDoS attacks, such as the abrupt traffic change, flow dissymmetry, distributed source IP addresses and concentrated target IP addresses. Using linear prediction technique, a simple and efficient ARMA prediction model is established for normal network flow. Then a DDoS attack detection scheme based on anomaly detection techniques and linear prediction model (DDAP) is designed. Furthermore, an alert evaluation mechanism is developed to reduce the false positives due to prediction error and flow noise. The experiment results demonstrate that DDAP is an efficient DDoS attacks detection scheme with more accuracy and lower false alarm rate.