Introduction to Grey system theory
The Journal of Grey System
A statistical approach to predictive detection
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on selected topics in network and systems management
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
On scalable attack detection in the network
IEEE/ACM Transactions on Networking (TON)
Journal of Parallel and Distributed Computing
A collaborative defense mechanism against SYN flooding attacks in IP networks
Journal of Network and Computer Applications
Traffic flooding attack detection with SNMP MIB using SVM
Computer Communications
On the Robustness of SCTP against DoS Attacks
ICCIT '08 Proceedings of the 2008 Third International Conference on Convergence and Hybrid Information Technology - Volume 02
Detecting SYN Flooding Agents under Any Type of IP Spoofing
ICEBE '08 Proceedings of the 2008 IEEE International Conference on e-Business Engineering
Grey system theory-based models in time series prediction
Expert Systems with Applications: An International Journal
Application of anomaly detection algorithms for detecting SYN flooding attacks
Computer Communications
HiFIND: A high-speed flow-level intrusion detection approach with DoS resiliency
Computer Networks: The International Journal of Computer and Telecommunications Networking
WDA: A Web farm Distributed Denial Of Service attack attenuator
Computer Networks: The International Journal of Computer and Telecommunications Networking
Parametric methods for anomaly detection in aggregate traffic
IEEE/ACM Transactions on Networking (TON)
A flooding-based DoS/DDoS detecting algorithm based on traffic measurement and prediction
IWSEC'06 Proceedings of the 1st international conference on Security
Hi-index | 0.00 |
SYN flooding attacks are a common type of distributed denial-of-service attacks. Up to now, many defense schemes have been proposed against SYN flooding attacks. Traditional defense schemes rely on passively sniffing an attacking signature and are inaccurate in the early stages of an attack. These schemes are effective only at the later stages when attacking signatures are obvious. In this paper, we propose a detection approach that makes use of SYN traffic prediction to determine whether SYN flooding attacks happen at the early stage. We firstly adopt grey prediction model to predict SYN traffic, and then, we employ cumulative sum algorithm to detect SYN flooding attack traffic among forecasted SYN traffic. Trace-driven simulation results demonstrate that our proposed detection approach can detect SYN flooding attacks effectively. Copyright © 2012 John Wiley & Sons, Ltd.