DDoS detection and discrimination from flash events: a compendious review

2018 First International Conference on Secure Cyber Computing and Communication (ICSCCC) Pub Date : 2018-12-01 DOI:10.1109/ICSCCC.2018.8703335

A. Dhingra, M. Sachdeva

{"title":"DDoS detection and discrimination from flash events: a compendious review","authors":"A. Dhingra, M. Sachdeva","doi":"10.1109/ICSCCC.2018.8703335","DOIUrl":null,"url":null,"abstract":"Although there has been an immense advancement in the robustness of IT infrastructure, the organizations still face downtimes, lasting for short periods and even continuing for days. This could be due to malicious requests, deliberately sent to disrupt the services or the volume of legitimate users trying to access the website. Detection of these network traffic anomalies and then categorizing them as DDoS Attack or Flash event, is a challenging task in the front of network security researchers. This paper reviews and summarizes the details and scenarios of these anomalies. It highlights the various features, parameters and metrics used in research till date to detect these anomalies and distinguish the legitimate request from the malicious one. The intent of paper is to guide researchers in selecting efficient parameters in order to obtain accurate results with low false positives. It highlights the list of characteristics to discriminate the two traffic patterns has been proposed for better understanding of the problem. Thus, the paper is expected to help academicians and researchers find effective solution for the above-mentioned anomalous behavior of the network traffic.","PeriodicalId":148491,"journal":{"name":"2018 First International Conference on Secure Cyber Computing and Communication (ICSCCC)","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 First International Conference on Secure Cyber Computing and Communication (ICSCCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSCCC.2018.8703335","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

Abstract

Although there has been an immense advancement in the robustness of IT infrastructure, the organizations still face downtimes, lasting for short periods and even continuing for days. This could be due to malicious requests, deliberately sent to disrupt the services or the volume of legitimate users trying to access the website. Detection of these network traffic anomalies and then categorizing them as DDoS Attack or Flash event, is a challenging task in the front of network security researchers. This paper reviews and summarizes the details and scenarios of these anomalies. It highlights the various features, parameters and metrics used in research till date to detect these anomalies and distinguish the legitimate request from the malicious one. The intent of paper is to guide researchers in selecting efficient parameters in order to obtain accurate results with low false positives. It highlights the list of characteristics to discriminate the two traffic patterns has been proposed for better understanding of the problem. Thus, the paper is expected to help academicians and researchers find effective solution for the above-mentioned anomalous behavior of the network traffic.

查看原文本刊更多论文

DDoS检测和区分的闪光事件:一个简短的审查

尽管在IT基础设施的健壮性方面已经取得了巨大的进步，但组织仍然面临停机时间，持续时间很短，甚至持续数天。这可能是由于恶意请求，故意发送破坏服务或合法用户试图访问该网站的数量。检测这些网络流量异常，并将其归类为DDoS攻击或Flash事件，是摆在网络安全研究人员面前的一项具有挑战性的任务。本文对这些异常的细节和场景进行了回顾和总结。它强调了迄今为止研究中用于检测这些异常并区分合法请求和恶意请求的各种特征，参数和指标。本文旨在指导研究人员选择有效的参数，以获得准确的低误报结果。它强调了区分两种交通模式的特征列表，这是为了更好地理解问题而提出的。因此，本文有望帮助学术界和研究人员找到有效的解决上述网络流量异常行为的方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 First International Conference on Secure Cyber Computing and Communication (ICSCCC)

自引率

0.00%

发文量