DDoS Detection and Traceback with Decision Tree and Grey Relational Analysis

Wu, Yi-Chi; Tseng, Huei-Ru; Yang, Wuu; Jan, Rong‐Hong

doi:10.1109/mue.2009.60

Cited by 20 publications

(16 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…All of the traceback mechanisms have serious deployment and operational challenges [69]. One of the fundamental deployment and operational challenges is ensuring a sufficient number of routers that support traceback before it is effective.…”

Section: Destination-based Mechanismsmentioning

confidence: 99%

A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks

Zargar

Joshi

Tipper

2013

IEEE Commun. Surv. Tutorials

1,100

508

View full text Add to dashboard Cite

Abstract-Distributed Denial of Service (DDoS) flooding attacks are one of the biggest concerns for security professionals. DDoS flooding attacks are typically explicit attempts to disrupt legitimate users' access to services. Attackers usually gain access to a large number of computers by exploiting their vulnerabilities to set up attack armies (i.e., Botnets). Once an attack army has been set up, an attacker can invoke a coordinated, large-scale attack against one or more targets. Developing a comprehensive defense mechanism against identified and anticipated DDoS flooding attacks is a desired goal of the intrusion detection and prevention research community. However, the development of such a mechanism requires a comprehensive understanding of the problem and the techniques that have been used thus far in preventing, detecting, and responding to various DDoS flooding attacks.In this paper, we explore the scope of the DDoS flooding attack problem and attempts to combat it. We categorize the DDoS flooding attacks and classify existing countermeasures based on where and when they prevent, detect, and respond to the DDoS flooding attacks. Moreover, we highlight the need for a comprehensive distributed and collaborative defense approach. Our primary intention for this work is to stimulate the research community into developing creative, effective, efficient, and comprehensive prevention, detection, and response mechanisms that address the DDoS flooding problem before, during and after an actual attack.

show abstract

Section: Destination-based Mechanismsmentioning

confidence: 99%

A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks

Zargar

Joshi

Tipper

2013

IEEE Commun. Surv. Tutorials

1,100

508

View full text Add to dashboard Cite

show abstract

“…Grey Rational Analysis and Decision Tree Methods [15] Traffic Strength is analyzed by creating decision trees. Upstream Router's traffic flow is analyzed, and the decision tree is created.…”

Section: Figure30 "Low Rate Ddos Time Diagram"mentioning

confidence: 99%

An Overview of DDOS Attacks Detection and Prevention in the Cloud

Fakeeh¹

2016

IJAIS

View full text Add to dashboard Cite

Security is an illusion unless you are hacked. Attacks in the Cloud have more catastrophic and destructive impact on the organizations than the user might expect. As attacks are constantly evolving and making it difficult to defend. Most of the organization will try to check their devices in the cloud to protect against viruses with traditional security measures like antiviruses, or firewall thinking it secures across different attacks, but with a wide range of change in attack pattern organizations have exposed to significant operational and business consequences, not to mention public embarrassment. In this paper, we conducted the survey on DDOS (Distributed Denial of Service) attacks research work and analyzed prevention and detection methods used for DDOS attacks in the cloud. We found that there is a good amount of research scope in detecting and preventing slow client application layer attacks in the cloud.

show abstract

“…It is a common method for DDoS detection in [22], [23], [24].Some common algorithms in network intrusion and anomaly detection are Multilayer Perceptron, Gaussian Classifier, K-means Clustering and Markov model [25].…”

Section: Related Workmentioning

confidence: 99%

“…The common principle of destination-based defense mechanisms is to look for a special signature which reflects actual DDoS attacks at early stage. Variety of theories have been applied to build destination-based defense mechanisms, such as using entropy in information theory [9], [10], [11], [12], game theory model in [17],artificial intelligent, learning machine, data mining [13], [14], [15], [16].…”

Section: Introductionmentioning

confidence: 99%

A Mechanism for Early Detecting DDOS Attacks Based on M/G/R PS Queue

Sơn¹

2016

IJNSA

View full text Add to dashboard Cite

When service system is under DDoS attacks, it is important to detect anomaly signature at starting time of attack for timely applying prevention solutions. However, early DDoS detection is difficult task because the velocity of DDoS attacks is very high. This paper proposes a DDoS attack detection method by modeling service system as M/G/R PS queue and calculating monitoring parameters based on the model in odder to early detect symptom of DDoS attacks. The proposed method is validated by experimental system and itgives good results.

show abstract

DDoS Detection and Traceback with Decision Tree and Grey Relational Analysis

Cited by 20 publications

References 18 publications

A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks

A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks

An Overview of DDOS Attacks Detection and Prevention in the Cloud

A Mechanism for Early Detecting DDOS Attacks Based on M/G/R PS Queue

Contact Info

Product

Resources

About