CFP last date
20 January 2025
Reseach Article

Anomaly based DDoS Attack Detection

by Chaitanya Buragohain, Manash Jyoti Kalita, Santosh Singh, Dhruba K. Bhattacharyya
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 123 - Number 17
Year of Publication: 2015
Authors: Chaitanya Buragohain, Manash Jyoti Kalita, Santosh Singh, Dhruba K. Bhattacharyya
10.5120/ijca2015905786

Chaitanya Buragohain, Manash Jyoti Kalita, Santosh Singh, Dhruba K. Bhattacharyya . Anomaly based DDoS Attack Detection. International Journal of Computer Applications. 123, 17 ( August 2015), 35-40. DOI=10.5120/ijca2015905786

@article{ 10.5120/ijca2015905786,
author = { Chaitanya Buragohain, Manash Jyoti Kalita, Santosh Singh, Dhruba K. Bhattacharyya },
title = { Anomaly based DDoS Attack Detection },
journal = { International Journal of Computer Applications },
issue_date = { August 2015 },
volume = { 123 },
number = { 17 },
month = { August },
year = { 2015 },
issn = { 0975-8887 },
pages = { 35-40 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume123/number17/22055-2015905786/ },
doi = { 10.5120/ijca2015905786 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:13:00.202231+05:30
%A Chaitanya Buragohain
%A Manash Jyoti Kalita
%A Santosh Singh
%A Dhruba K. Bhattacharyya
%T Anomaly based DDoS Attack Detection
%J International Journal of Computer Applications
%@ 0975-8887
%V 123
%N 17
%P 35-40
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Distributed denial-of-service (DDoS) attack poses a serious threat to network security. Several methods have been introduced to reduce the damage. However, most of the methods have been found unable to detect the attack in real-time with high detection accuracy. This paper presents a simple yet effective method to detect DDoS attack for all possible attack scenarios given by Mirkoviac [1] viz constant rate, pulsing rate, increasing rate and sub-group. The proposed method is validated using well known CAIDA dataset.

References
  1. Mirković, J., Gregory, P. and Peter, R. 2002. Attacking DDoS at the source. In Proceedings of the 10th IEEE International Conference on Network Protocols.
  2. Specht, S. M. and Ruby B. L. 2004. Distributed Denial of Service: Taxonomies of Attacks, Tools, and Countermeasures. In Proceedings of the 17th International Conference on Parallel and Distributed Computing Systems.
  3. Chen, Y., Hwang, K. and Ku W. S. 2006. Distributed change-point detection of DDoS attacks over multiple network domains. In Proceedings of the IEEE International Symposium on Collaborative Technologies and Systems.
  4. Chen, C. L. 2009. A New Detection Method for Distributed Denial-of-Service Attack Traffic based on Statistical Test. Journal of Universal Computer Science.
  5. Akella, A., Bharambe, A., Reiter, M. and Seshan, S. 2003. Detecting DDoS attacks on ISP networks. In Proceedings of the Workshop on Management and Processing of Data Streams, ACM.
  6. Öke, G. and Loukas. G. 2007. A denial of service detector based on maximum likelihood detection and the random neural network. The Computer Journal.
  7. Cheng, J., Yin, J., Wu, C., Zhang, B. and Li, Y. 2009. DDoS attack detection method based on linear prediction model. In Proceedings of the 5th inter-national conference on Emerging intelligent computing technology and applications.
  8. Udhayan, J. and Hamsapriya, T. 2011. Statistical segregation method to minimize the false detections during DDoS attacks. International Journal of Network Security.
  9. Nguyen, H.V. and Choi, Y. 2010. Proactive detection of DDoS attacks utilizing k-NN classifier in an AntiDDoS framework. International Journal of Electrical, Computer, and Systems Engineering.
  10. Shanon, C. E. 1948. A mathematical theory of communication. Bell system technical journal.
  11. Gavrilis, D. and Dermatas, E. 2005. Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features. Computer Networks and ISDN System.
  12. Wu, Y. C., Tseng, H. R., Yang, W. and Jan, R. H. 2011. DDoS detection and traceback with decision tree and grey relational analysis. International Journal of Ad-Hoc and Ubiquitous Computing.
  13. Karimazad, R. and Faraahi, A. 2011. An anomaly based method for DDoS attacks detection using rbf neural networks. In Proceedings of the International Conference on Network and Electronics Engineering.
  14. Jeyanthi, N. and Iyengar, N. C. S. N. 2012. An entropy based Approach to detect and distinguish DDoS aatacks from ash crowds in VoIP networks. International Journal of Network Security.
  15. Thomas, R., Mark, B., Johnson, T. and Croall, J. 2003. NetBouncer: Client-legitimacy-based high performance DDoS filtering. In Proceedings of the 3rd DARPA Information Survivability Conference and Exposition.
  16. Limwiwatkul, L. and Rungsawang, A. 2004. Distributed denial of service detection using TCP/IP header and traffic measurement analysis. In Proceedings of the IEEE International Symposium Communications and Information Technology.
  17. Zhang, G. and Parashar, M. 2006. Cooperative defense against DDoS attacks. Journal of Research and Practice in Information Technology.
  18. Wang, J., Phan, R. C. W., Whitely, J. N. and Parish, D. J. 2010. Augmented attack tree modeling of distributed denial of services and tree based attack detection method. In Proceedings of the 10th IEEE International Conference on Computer and Information Technology.
  19. Hwang, K., Dave, P. and Tanachaiwiwat, S. 2003. NetShield: Protocol anomaly detection with data-mining against DDoS attacks. In Proceedings of the 6th International Symposium on Recent Advances in Intrusion Detection.
  20. Li, L. and Lee, G. 2003. DDoS attack detection and wavelets. In Proceedings of the 12th International Conference on Computer Communications and Networks.
  21. Sekar, V. Duffield, N., SpatsCheck, O., van der Merwe, J. and Zhang, H. 2006. Lads: large-scale automated DDoS detection system. In Proceedings of the annual conference on USENIX Annual Technical Conference.
  22. Erol, G. and Loukas, G. 2007. A self-aware approach to denial of service defence. Journal of Computer Networks: The International Journal of Computer and Telecommunications Networking.
  23. Lee, K., Kim, J., Kwon, K. H., Han, Y. and Kim, S. 2008. DDoS attack detection method using cluster analysis. Journal of Expert Systems with Applications.
  24. Li, M. and Li, M. 2009. A new approach for detecting DDoS attacks based on wavelet analysis. In Proceedings of the 2nd International Congress on Image and Signal Processing.
  25. Dainotti A., Pescapé, A. and Ventre, G. 2009. A cascade architecture for DoS attacks detection based on the wavelet transform. Journal of Computer Security.
  26. Xia, Z., Lu, S. and Li, J. 2010. Enhancing DDoS flood attack detection via intelligent fuzzy logic. Informatica: An International Journal of Computing and Informatics.
  27. Kashyap, H. J. and Bhattacharyya, D. K. 2012. A DDoS attack detection mechanism based on protocol specific traffic features. In Proceedings of the 2nd International Conference on Computational Science, Engineering and Informational Technology.
  28. Bhattacharyya, D. K. and Kalita, J. K. 2013. Network anomaly detection from machine learning perspective. A chapter and hall book, CRC press, Taylor and Francis group.
  29. Rahmani H., Sahli, N. and Kammoun, F. 2009. Joint entropy analysis model for DDoS attack detection. In Proceedings of the 5th International Conference on Information Assurance and Security.
Index Terms

Computer Science
Information Sciences

Keywords

Denial of Service (DOS) Attack Distributed Denial of Service (DDoS) Attack Information Gain (IG) Attack Rate Protocol Feature Selector (FS)