Statistical Segregation Method to Minimize the False Detections During DDoS Attacks
Authors
Abstract
A DDoS attack aims at occupying the victim's resources so as to prevent legitimate requests from reaching it. Even though the attack traffic is generated in intimidating measures, it is mostly disguised as genuine traffic. Hence most mitigation methods cannot accurately segregate the legitimate flows from the attack flows. As a result, legitimate flows are also filtered while appeasing the DDoS flood. In this paper a statistical segregation method (SSM) is introduced, which samples the flow in consecutive intervals; the samples are then compared against the attack state condition and sorted with the mean as the parameter, and correlation analysis is then performed to segregate attack flows from the legitimate flows. SSM is compared against various other methods, and the blend of segregation methods is identified for alleviating false detections effectively.
Similar resources
F-STONE: A Fast Real-Time DDOS Attack Detection Method Using an Improved Historical Memory Management
Distributed Denial of Service (DDoS) is a common attack in recent years that can deplete the bandwidth of victim nodes by flooding packets. Based on the type and quantity of traffic used for the attack and the exploited vulnerability of the target, DDoS attacks are grouped into three categories as Volumetric attacks, Protocol attacks and Application attacks. The volumetric attack, which the pro...
Neural Network Based Protection of Software Defined Network Controller against Distributed Denial of Service Attacks
Software Defined Network (SDN) is a new architecture for network management and its main concept is centralizing network management in the network control level that has an overview of the network and determines the forwarding rules for switches and routers (the data level). Although this centralized control is the main advantage of SDN, it is also a single point of failure. If this main contro...
Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features
In this paper we present and evaluate a Radial-basis-function neural network detector for Distributed-Denial-of-Service (DDoS) attacks in public networks based on statistical features estimated in short-time window analysis of the incoming data packets. A small number of statistical descriptors were used to describe the DDoS attacks behaviour, and an accurate classification is achieved using th...
An approach to reliably identifying signs of DDOS flood attacks based on LRD traffic pattern recognition
In the aspect of intrusion detection, reliable detection remains a challenging issue, as stated in Kemmerer and Vigna (Suppl IEEE Comput (IEEE Secur Priv) 35(4) (2002) 28): "The challenge is to develop a system that detects close to 100% of attacks with minimal false positives. We are still far from achieving this goal." Hence, reliable detection of distributed denial-of-service (DDOS) attacks is...
Collaborative Defense Mechanism Using Statistical Detection Method against DDoS Attacks
Distributed Denial-of-Service attack (DDoS) is one of the most outstanding menaces on the Internet. A DDoS attack generally attempts to overwhelm the victim in order to deny their services to legitimate users. A number of approaches have been proposed for defending against DDoS attacks accurately in real time. However, existing schemes have limits in terms of detection accuracy and delay if the...
Journal title:
- I. J. Network Security
Volume 13, Issue
Pages -
Publication date 2011