Detection of known and unknown DDoS attacks using Artificial Neural Networks
نویسندگان
چکیده
The key objective of a Distributed Denial of Service (DDoS) attack is to compile multiple systems across the Internet with infected zombies/agents and form botnets of networks. Such zombies are designed to attack a particular target or network with different types of packets. The infected systems are remotely controlled either by an attacker or by self-installed Trojans (e.g. roj/Flood-IM) that are programmed to launch packet floods. Within this context, the purpose of this paper is to detect and mitigate known and unknown DDoS attacks in real time environments. We have chosen an Artificial Neural Network (ANN) algorithm to detect DDoS attacks based on specific characteristic features (patterns) that separate DDoS attack traffic from genuine traffic. & 2015 Elsevier B.V. All rights reserved.
منابع مشابه
Artificial Neural Networks in the Detection of Known and Unknown DDoS Attacks: Proof-of-Concept
A Distributed Denial of Service attack (DDoS) is designed to overload a target device and its networks with packets to damage its resources or services. This paper proposes an Artificial Neural Network (ANN) detection engine to flag known and unknown attacks from genuine traffic. Based on experiments and data analysis, specific patterns are selected to separate genuine from DDoS packets, thus a...
متن کاملDDoS Attack Detection based on Chaos Theory and Artificial Neural Network
DDoS attacks temporarily make the target system unavailable to the legitimate users. They don’t steal anything. But they cause big headache for targeted companies and network engineers. Application layer DDoS attacks are difficult to detect because they mimic normal traffic. This paper proposes a novel method of detection of DDoS attacks based on Chaos theory and Artificial neural networks. Key...
متن کاملDetection of Distributed Denial of Service Attacks Using Statistical Pre-processor and Unsupervised Neural Networks
Although the prevention of Distributed Denial of Service (DDoS) attacks is not possible, detection of such attacks plays main role in preventing their progress. In the flooding attacks, especially new sophisticated DDoS, the attacker floods the network traffic toward the target computer by sending pseudo-normal packets. Therefore, multi-purpose IDSs do not offer a good performance (and accuracy...
متن کاملDetection of Distributed Denial of Service Attacks Using Artificial Neural Networks
Distributed Denial of Services (DDoS) is a ruthless attack that targets a node or a medium with its false packets to decline the network performance and its resources. Neural networks is a powerful tool to defend a network from this attack as in our proposed solution a mitigation process is invoked when an attack is detected by the detection system using the known patters which separate the leg...
متن کاملF-STONE: A Fast Real-Time DDOS Attack Detection Method Using an Improved Historical Memory Management
Distributed Denial of Service (DDoS) is a common attack in recent years that can deplete the bandwidth of victim nodes by flooding packets. Based on the type and quantity of traffic used for the attack and the exploited vulnerability of the target, DDoS attacks are grouped into three categories as Volumetric attacks, Protocol attacks and Application attacks. The volumetric attack, which the pro...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Neurocomputing
دوره 172 شماره
صفحات -
تاریخ انتشار 2016