{"title":"基于报文到达间隔时间的变点云DDoS检测","authors":"O. Osanaiye, Kim-Kwang Raymond Choo, M. Dlodlo","doi":"10.1109/CEEC.2016.7835914","DOIUrl":null,"url":null,"abstract":"Notwithstanding the increased popularity of cloud computing, Distributed Denial of Service (DDoS) remains a threat to its adoption. In this paper, we propose the use of a change-point monitoring algorithm to detect DDoS flooding attacks against cloud services by examining the packet inter-arrival time (IAT). This method leverages on the fact that most DDoS attacks are automated and exhibit similar patterns. These patterns, when closely examined, can be distinguished from normal traffic patterns, and can therefore be tracked using a cumulative sum (CUSUM) algorithm. The proposed solution was validated by conducting a trace-driven simulation and empirical evaluation. The results demonstrated the efficiency and accuracy of this proposed solution.","PeriodicalId":114518,"journal":{"name":"2016 8th Computer Science and Electronic Engineering (CEEC)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"26","resultStr":"{\"title\":\"Change-point cloud DDoS detection using packet inter-arrival time\",\"authors\":\"O. Osanaiye, Kim-Kwang Raymond Choo, M. Dlodlo\",\"doi\":\"10.1109/CEEC.2016.7835914\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Notwithstanding the increased popularity of cloud computing, Distributed Denial of Service (DDoS) remains a threat to its adoption. In this paper, we propose the use of a change-point monitoring algorithm to detect DDoS flooding attacks against cloud services by examining the packet inter-arrival time (IAT). This method leverages on the fact that most DDoS attacks are automated and exhibit similar patterns. These patterns, when closely examined, can be distinguished from normal traffic patterns, and can therefore be tracked using a cumulative sum (CUSUM) algorithm. The proposed solution was validated by conducting a trace-driven simulation and empirical evaluation. The results demonstrated the efficiency and accuracy of this proposed solution.\",\"PeriodicalId\":114518,\"journal\":{\"name\":\"2016 8th Computer Science and Electronic Engineering (CEEC)\",\"volume\":\"3 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"26\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 8th Computer Science and Electronic Engineering (CEEC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CEEC.2016.7835914\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 8th Computer Science and Electronic Engineering (CEEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CEEC.2016.7835914","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Change-point cloud DDoS detection using packet inter-arrival time
Notwithstanding the increased popularity of cloud computing, Distributed Denial of Service (DDoS) remains a threat to its adoption. In this paper, we propose the use of a change-point monitoring algorithm to detect DDoS flooding attacks against cloud services by examining the packet inter-arrival time (IAT). This method leverages on the fact that most DDoS attacks are automated and exhibit similar patterns. These patterns, when closely examined, can be distinguished from normal traffic patterns, and can therefore be tracked using a cumulative sum (CUSUM) algorithm. The proposed solution was validated by conducting a trace-driven simulation and empirical evaluation. The results demonstrated the efficiency and accuracy of this proposed solution.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
