Detecting DDoS attacks by analyzing the dynamics and interrelation of network traffic characteristics

Cited by: 1
Authors
Krasnov, A. E. [1 ]
Nadezhdin, E. N. [1 ]
Nikol'skii, D. N. [2 ]
Repin, D. S. [3 ]
Galyaev, V. S. [1 ]
Affiliations
[1] State Inst Informat Technol & Telecommun, Ul Chasovaya 21B, Moscow 125315, Russia
[2] State Inst Informat Technol & Telecommun, Phys & Math, Ul Chasovaya 21B, Moscow 125315, Russia
[3] State Inst Informat Technol & Telecommun, Engn, Bryusov Per 21,Bld 2, Moscow 125009, Russia
Keywords
network traffic; DDoS attack; detection; dynamical operator; evolution operator; hash function; classification;
DOI
10.20537/vm180310
Chinese Library Classification number
O1 [Mathematics];
Subject classification code
0701 ; 070101 ;
Abstract
This paper presents an improved version of an approach previously developed by the authors for the detection of DDoS attacks. It uses traffic evolution and dynamical operators, which makes it possible to take into consideration the interrelations observed for traffic data packet headers. It is assumed that each traffic state (the normal state and anomalous attacked states) can be described by unique temporal patterns of characteristics generated by unknown linear dynamical operators. Interrelations between values of network traffic characteristics in different discrete time samples are determined by the evolution operator. The approach was applied to the classification of three traffic states: normal and two abnormal (HTTP flood and SlowLoris DDoS attacks). The results prove that it is possible to distinguish normal and abnormal traffic states by hash functions of the address and load fields of traffic data packets.
Pages: 407-418
Page count: 12
Related papers
50 in total
  • [21] A novel sensitive DDoS attacks against statistical test in network traffic fusion
    Kulandaivel, Madhumitha
    Kumar, Ganesh
    Sathiyamoorthi, Velayutham
    Gupta, Sachin Kumar
    [J]. TRANSACTIONS ON EMERGING TELECOMMUNICATIONS TECHNOLOGIES, 2023, 34 (12)
  • [22] Defending DDoS attacks using network traffic analysis and probabilistic packet drop
    Seo, J
    Lee, C
    Moon, J
    [J]. GRID AND COOPERATIVE COMPUTING GCC 2004 WORKSHOPS, PROCEEDINGS, 2004, 3252 : 390 - 397
  • [23] Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN
    Dayal, Neelam
    Srivastava, Shashank
    [J]. 2017 9TH INTERNATIONAL CONFERENCE ON COMMUNICATION SYSTEMS AND NETWORKS (COMSNETS), 2017, : 274 - 281
  • [24] Increasing Web Service Availability by Detecting Application-Layer DDoS Attacks in Encrypted Traffic
    Zolotukhin, Mikhail
    Hamalainen, Timo
    Kokkonen, Tero
    Siltanen, Jarmo
    [J]. 2016 23RD INTERNATIONAL CONFERENCE ON TELECOMMUNICATIONS (ICT), 2016,
  • [25] An approach for detecting and preventing DDoS attacks in campus
    Merouane M.
    [J]. Merouane, Mehdi (mmehdi_m@hotmail.com), 1600, Springer Science and Business Media, LLC (51): : 13 - 23
  • [26] Detecting DDoS Attacks in Cloud Computing Environment
    Lonea, A. M.
    Popescu, D. E.
    Tianfield, H.
    [J]. INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL, 2013, 8 (01) : 70 - 78
  • [27] Detecting flooding-based DDoS attacks
    You, Yonghua
    Zulkernine, Mohammad
    Haque, Anwar
    [J]. 2007 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-14, 2007, : 1229 - +
  • [28] HollywooDDoS: Detecting Volumetric Attacks in Moving Images of Network Traffic
    Kopmann, Samuel
    Heseding, Hauke
    Zitterbart, Martina
    [J]. PROCEEDINGS OF THE 2022 47TH IEEE CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN 2022), 2022, : 90 - 97
  • [29] Detecting Web Attacks in Severely Imbalanced Network Traffic Data
    Zuech, Richard
    Hancock, John
    Khoshgoftaar, Taghi M.
    [J]. 2021 IEEE 22ND INTERNATIONAL CONFERENCE ON INFORMATION REUSE AND INTEGRATION FOR DATA SCIENCE (IRI 2021), 2021, : 267 - 273
  • [30] Measurement of DNS traffic caused by DDoS attacks
    Ishibashi, K
    Toyono, T
    Matsuoka, H
    Toyama, K
    [J]. 2005 SYMPOSIUM ON APPLICATIONS AND THE INTERNET WORKSHOPS, PROCEEDINGS, 2005, : 118 - 121