Distinguishing DDoS Attacks from Flash Crowds Using Probability Metrics

Cited by: 0
Authors
Li, Ke [1]
Zhou, Wanlei [1]
Li, Ping [1]
Hai, Jing [1]
Liu, Jianwen [1]
Affiliations
[1] Deakin Univ, Sch Engn & Informat Technol, Geelong, Vic 3217, Australia
Keywords
DDoS; Flash crowd; Probability metrics
DOI
Not available
Chinese Library Classification number
TP3 [Computing technology, computer technology]
Discipline classification code
0812
Abstract
Both Flash crowds and DDoS (Distributed Denial-of-Service) attacks have very similar properties in terms of internet traffic; however, Flash crowds are legitimate flows and DDoS attacks are illegitimate flows, and DDoS attacks have been a serious threat to internet security and stability. In this paper we propose a set of novel methods using probability metrics to distinguish DDoS attacks from Flash crowds effectively, and our simulations show that the proposed methods work well. In particular, these methods can not only distinguish DDoS attacks from Flash crowds clearly, but can also effectively distinguish an anomalous flow, whether a DDoS attack flow or a Flash crowd flow, from Normal network flow. Furthermore, we show our proposed hybrid probability metrics can greatly reduce both false positive and false negative rates in detection.
Pages: 9 - 17
Page count: 9
Related papers
50 in total
  • [1] Discriminating DDoS Attacks from Flash Crowds Using Flow Correlation Coefficient
    Yu, Shui
    Zhou, Wanlei
    Jia, Weijia
    Guo, Song
    Xiang, Yong
    Tang, Feilong
    [J]. IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, 2012, 23 (06) : 1073 - 1080
  • [2] Discriminating flash crowds from DDoS attacks using efficient thresholding algorithm
    David, Jisa
    Thomas, Ciza
    [J]. JOURNAL OF PARALLEL AND DISTRIBUTED COMPUTING, 2021, 152 : 79 - 87
  • [3] Methods of distinguishing flash crowds from spoofed DoS attacks
    Le, Quyen
    Zhanikeev, Marat
    Tanaka, Yoshiaki
    [J]. 2007 NEXT GENERATION INTERNET NETWORKS, 2007, : 167 - +
  • [4] AN EFFECTIVE METHOD FOR DIFFERENTIATING BETWEEN DDOS ATTACKS AND FLASH CROWDS
    Yan, Ruoyu
    Wang, Yingfeng
    [J]. INTERNATIONAL JOURNAL OF INNOVATIVE COMPUTING INFORMATION AND CONTROL, 2024, 20 (01) : 31 - 46
  • [5] A Practical System for Guaranteed Access in the Presence of DDoS Attacks and Flash Crowds
    Kung, Yi-Hsuan
    Lee, Taeho
    Tseng, Po-Ning
    Hsiao, Hsu-Chun
    Kim, Tiffany Hyun-Jin
    Lee, Soo Bum
    Lin, Yue-Hsun
    Perrig, Adrian
    [J]. 2015 IEEE 23RD INTERNATIONAL CONFERENCE ON NETWORK PROTOCOLS (ICNP), 2015, : 212 - 223
  • [6] Detection of DDoS attacks and flash events using novel information theory metrics
    Behal, Sunny
    Kumar, Krishan
    [J]. COMPUTER NETWORKS, 2017, 116 : 96 - 110
  • [7] Discriminating DDoS Flows from Flash Crowds Using Information Distance
    Yu, Shui
    Thapngam, Theerasak
    Liu, Jianwen
    Wei, Su
    Zhou, Wanlei
    [J]. NSS: 2009 3RD INTERNATIONAL CONFERENCE ON NETWORK AND SYSTEM SECURITY, 2009, : 351 - 356
  • [8] Detection of spoofed and non-spoofed DDoS attacks and discriminating them from flash crowds
    Gera J.
    Battula B.P.
    [J]. Eurasip Journal on Information Security, 2018, 2018 (01)
  • [9] BEHAVIOR-BASED CLUSTERING FOR DISCRIMINATION BETWEEN FLASH CROWDS AND DDoS ATTACKS
    Heo, Young Jun
    Oh, Jintae
    Jang, Jongsoo
    [J]. SECRYPT 2009: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2009, : 140 - 143
  • [10] An information divergence based approach to detect flooding DDoS attacks and Flash Crowds
    Kaur, Gursharanjeet
    Behal, Sunny
    Shifali
    [J]. PROCEEDINGS OF THE 2017 3RD INTERNATIONAL CONFERENCE ON APPLIED AND THEORETICAL COMPUTING AND COMMUNICATION TECHNOLOGY (ICATCCT), 2017, : 251 - 258