Detecting DDoS attacks by analyzing the dynamics and interrelation of network traffic characteristics

Cited by: 1
Authors
Krasnov, A. E. [1]
Nadezhdin, E. N. [1]
Nikol'skii, D. N. [2]
Repin, D. S. [3]
Galyaev, V. S. [1]
Affiliations
[1] State Inst Informat Technol & Telecommun, Ul Chasovaya 21B, Moscow 125315, Russia
[2] State Inst Informat Technol & Telecommun, Phys & Math, Ul Chasovaya 21B, Moscow 125315, Russia
[3] State Inst Informat Technol & Telecommun, Engn, Bryusov Per 21, Bld 2, Moscow 125009, Russia
Keywords
network traffic; DDoS attack; detection; dynamical operator; evolution operator; hash function; classification
DOI
10.20537/vm180310
Chinese Library Classification number
O1 [Mathematics]
Subject classification code
0701; 070101
Abstract
This paper presents an improved version of an approach previously developed by the authors for detecting DDoS attacks. It uses traffic evolution and dynamical operators, which makes it possible to take into account the interrelations observed among the packet headers of the traffic. It is assumed that each traffic state (the normal state and the anomalous, attacked states) can be described by unique temporal patterns of characteristics generated by unknown linear dynamical operators. Interrelations between the values of network traffic characteristics at different discrete time samples are determined by the evolution operator. The approach was applied to the classification of three traffic states: normal and two abnormal (HTTP flood and SlowLoris DDoS attacks). The results prove that it is possible to distinguish normal and abnormal traffic states by hash functions of the address and load fields of traffic data packets.
Pages: 407 - 418
Number of pages: 12