Detection of DDoS traffic by using the technical analysis used in the stock market

Authors:
Junghoon Yun;Song Chong
Affiliations:
Division of Electrical Engineering, School of EECS, KAIST, Daejeon, Republic of Korea;Division of Electrical Engineering, School of EECS, KAIST, Daejeon, Republic of Korea
Venue:
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Year:
2009

Citing 2
Cited 0

Aberrant Behavior Detection in Time Series for Network Monitoring

LISA '00 Proceedings of the 14th USENIX conference on System administration
Profiling internet backbone traffic: behavior models and applications

Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose a method for detecting Distributed Denial of Service (DDoS) traffic in real-time inside the network. For this purpose, we borrow the concepts of Moving Average Convergence Divergence, Rate of Change, and Relative Strength Index, which are used for technical analysis in the stock market. Due to the fact that the method is based on a quantitative, rather than a heuristic, detection level, DDoS traffic can be detected with greater accuracy (by reducing the false alarm ratio). Through detection algorithm and simulation results, we show how the detection level is determined and demonstrate the degree to which the accuracy of detection is enhanced.