2018 4th International Conference on Computer and Technology Applications (ICCTA) 2018
DOI: 10.1109/cata.2018.8398647

Detection of smurf flooding attacks using Kullback-Leibler-based scheme

Abstract: Reliable and timely detection of cyber attacks has become indispensable to protect networks and systems. Internet control message protocol (ICMP) flood attacks are still one of the most challenging threats in both IPv4 and IPv6 networks. This paper proposed an approach based on Kullback-Leibler divergence (KLD) to detect ICMP-based Denial of Service (DOS) and Distributed Denial of Service (DDOS) flooding attacks. This is motivated by the high capacity of KLD to quantitatively discriminate between two distributions…

Cited by 19 publications (17 citation statements)
References 33 publications
“…CAIDA 2007 dataset is analyzed in detail in [30]. It is widely used until recently as the reliable dataset for many research works on network security, especially on DDoS modeling, detection and mitigation [6,22,31,32,33]. The total size of the original dataset is 21 GB.…”
Section: Traffic Dataset
mentioning
confidence: 99%
“…Defeating against DDoS attacks has been extensively researched recently [4][5][6][7][8][9][10][11][12][13][14][15][16][21][22][23], but there exist some limitations of the current approaches that require further investigation, namely:…”
mentioning
confidence: 99%
“…Practically, flooding cyber-attacks, such as DOS and DDOS attacks (e.g., TCP SYN flooding, UDP flooding and ICMP amplification) overwhelm the network's infrastructures with an important volume of traffic [5]. Other types of DOS and DDOS attacks, such as IP fragmentation, Land and Ping of death, utilize a deformed message (e.g., size exceeds 64 Ko, wrong fragments and wrong IP address) [6].…”
Section: Introduction
mentioning
confidence: 99%
“…All over the years, several methods have been developed for detecting DOS and DDOS attacks [2][3]. Nezhad et al. [4] proposed a detection technique based on the Auto-Regressive Integrated Moving average (ARIMA) and the chaotic theory.…”
Section: Introduction
mentioning
confidence: 99%