Detecting flooding attacks in backbone network traffic generally requires analyzing a huge amount of data with high accuracy and low complexity. In this paper, we propose a new scheme to detect flooding attacks in high-speed networks. The proposed mechanism applies Power Divergence measures over a sketch data structure. The sketch is used for random aggregation of traffic, and Power Divergence is applied to detect deviations between the current and the established probability distributions of network traffic. We focus on tuning the Power Divergence parameter to optimize performance. We evaluate our approach using real Internet traffic traces obtained from the MAWI trans-Pacific wide transit link between the USA and Japan. Our results show that the proposed approach outperforms existing solutions in terms of detection accuracy and false alarm ratio.
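The detection idea in the abstract, as an added example that is not code from the paper: destination addresses are hashed into a small sketch, and a power divergence compares each row's bucket distribution with a baseline interval. The Cressie-Read form of the divergence, β = 2, the threshold, the all-rows alarm rule, the names and the traffic are assumptions or constructed values; the abstract specifies none of them.

```python
import hashlib

class Sketch:
    """rows x width counters; each row hashes the key with its own salt."""
    def __init__(self, rows=4, width=64):
        self.rows, self.width = rows, width
        self.table = [[0] * width for _ in range(rows)]

    def _bucket(self, row, key):
        h = hashlib.blake2b(key.encode(), digest_size=8, salt=bytes([row]))
        return int.from_bytes(h.digest(), "big") % self.width

    def add(self, key, count=1):
        # A key lands in exactly one bucket per row (random aggregation).
        for r in range(self.rows):
            self.table[r][self._bucket(r, key)] += count

    def distributions(self):
        # One probability vector per row; add-one smoothing avoids zeros.
        return [[(c + 1) / (sum(row) + self.width) for c in row]
                for row in self.table]

def power_divergence(p, q, beta):
    """Assumed Cressie-Read form of D_beta(p || q); beta must not be 0 or 1."""
    s = sum(pi ** beta * qi ** (1 - beta) for pi, qi in zip(p, q))
    return (s - 1) / (beta * (beta - 1))

def detect(reference, current, beta=2.0, threshold=0.05):
    """Alarm only if every row diverges from the reference (assumed rule)."""
    scores = [power_divergence(p, q, beta)
              for p, q in zip(current.distributions(), reference.distributions())]
    return all(s > threshold for s in scores), scores

def interval(shift, flood=0):
    """Constructed traffic: 200 destinations, optional flood to one victim."""
    sk = Sketch()
    for i in range(200):
        sk.add(f"10.0.{i // 50}.{i % 50}", 20 + (i + shift) % 5)
    if flood:
        sk.add("192.0.2.10", flood)  # constructed victim (documentation range)
    return sk

if __name__ == "__main__":
    baseline = interval(0)
    print("normal:", detect(baseline, interval(1)))
    print("flood: ", detect(baseline, interval(1, flood=5000)))
```

Because a flooded destination inflates one bucket in every row, all rows diverge together, while ordinary per-host variation stays well below the threshold in this constructed data.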