{"title":"An information divergence based approach to detect flooding DDoS attacks and Flash Crowds","authors":"Gursharanjeet Kaur, Sunny Behal, Shifali","doi":"10.1109/ICATCCT.2017.8389143","DOIUrl":null,"url":null,"abstract":"Distributed Denial of Service (DDoS) attacks pose a severe threat to widely used Internet-based services and applications. Currently, in the technology era, the internet is the only real exigent that delivers a glut of services like businesses, banking, communication, education, e-commerce, etc. A Distributed Denial of Service attack aims to deny access by legitimate users to shared services or resources. Because of the vulnerability of the initial style of the web, attackers can merely mimic the patterns of legitimate network traffic. The prevailing fingerprint or feature-based methods are not appropriate to detect a recent DDoS attack. In this paper our goal is to detect a DDoS attack as well as a Flash Crowd using various information distance measures such as Kullback-Leibler, Hellinger and Manhattan distance to measure the flow similarity among the traffic. Further, the detection parameters such as Detection Rate, Classification Rate, Precision Rate and False Positive Rate are computed and show that the Kullback-Leibler detection metric effectively detects the attack as compared to the other two.","PeriodicalId":123050,"journal":{"name":"2017 3rd International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT)","volume":"461 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 3rd International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICATCCT.2017.8389143","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An information divergence based approach to detect flooding DDoS attacks and Flash Crowds
Distributed Denial of Service (DDoS) attacks pose a severe threat to widely used Internet-based services and applications. Currently, in the technology era, the internet is the only real exigent that delivers a glut of services like businesses, banking, communication, education, e-commerce, etc. A Distributed Denial of Service attack aims to deny access by legitimate users to shared services or resources. Because of the vulnerability of the initial style of the web, attackers can merely mimic the patterns of legitimate network traffic. The prevailing fingerprint or feature-based methods are not appropriate to detect a recent DDoS attack. In this paper our goal is to detect a DDoS attack as well as a Flash Crowd using various information distance measures such as Kullback-Leibler, Hellinger and Manhattan distance to measure the flow similarity among the traffic. Further, the detection parameters such as Detection Rate, Classification Rate, Precision Rate and False Positive Rate are computed and show that the Kullback-Leibler detection metric effectively detects the attack as compared to the other two.