With the development of network communication and collaboration, distributed denial-of-service (DDoS) attacks have increasingly become one of the hardest and most annoying network security problems to address. In this paper, we present a new framework to detect DDoS attacks according to the packet flows of specific protocols. Our aim is to detect the attacks as early as possible and avoid unnecessary false positives. A Gaussian parametrical mixture model is utilized to estimate the normal behavior and a queue model is adopted for detecting the attacks. Experiments verify that our proposed approach is effective and has reasonable accuracy.