{"title":"早期DDoS攻击流量的非负增量特征检测","authors":"Ying Huang, Huizhong Sun, H. J. Chao, Xiong Chao","doi":"10.1109/SITIS.2007.122","DOIUrl":null,"url":null,"abstract":"One of the major threats to cyber security is distributed denial of service (DDoS) attacks. In this paper, we reveal the non-negative and cumulative increment effect of DDoS traffic throughput that is the feature accurately distinguished DDoS attacking traffic from normal flash crowd traffic. Our scheme can detect a DDoS attack in its early stages based on these feature. It can differentiate DDoS from flash crowd traffic effectively even if DDoS is potential. This scheme detects DDoS attacks with on-line and distributed characteristics. Simulation shows the algorithm's validity and accuracy.","PeriodicalId":234433,"journal":{"name":"2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System","volume":"397 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Non-negative Increment Feature Detection of the Traffic Throughput for Early DDoS Attack\",\"authors\":\"Ying Huang, Huizhong Sun, H. J. Chao, Xiong Chao\",\"doi\":\"10.1109/SITIS.2007.122\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"One of the major threats to cyber security is distributed denial of service (DDoS) attacks. In this paper, we reveal the non-negative and cumulative increment effect of DDoS traffic throughput that is the feature accurately distinguished DDoS attacking traffic from normal flash crowd traffic. Our scheme can detect a DDoS attack in its early stages based on these feature. It can differentiate DDoS from flash crowd traffic effectively even if DDoS is potential. This scheme detects DDoS attacks with on-line and distributed characteristics. Simulation shows the algorithm's validity and accuracy.\",\"PeriodicalId\":234433,\"journal\":{\"name\":\"2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System\",\"volume\":\"397 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-12-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SITIS.2007.122\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SITIS.2007.122","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Non-negative Increment Feature Detection of the Traffic Throughput for Early DDoS Attack
One of the major threats to cyber security is distributed denial of service (DDoS) attacks. In this paper, we reveal the non-negative and cumulative increment effect of DDoS traffic throughput that is the feature accurately distinguished DDoS attacking traffic from normal flash crowd traffic. Our scheme can detect a DDoS attack in its early stages based on these feature. It can differentiate DDoS from flash crowd traffic effectively even if DDoS is potential. This scheme detects DDoS attacks with on-line and distributed characteristics. Simulation shows the algorithm's validity and accuracy.