Research Article

Detection of Low and High rate DDoS Attack using Metrics with SVM in FireCol Distributed Network

Published on February 2015 by P.sindhu Priyanka, A.gowrishankar
Advanced Computing and Communication Techniques for High Performance Applications
Foundation of Computer Science USA
ICACCTHPA2014 - Number 3
February 2015
Authors: P.sindhu Priyanka, A.gowrishankar

P.sindhu Priyanka, A.gowrishankar. Detection of Low and High rate DDoS Attack using Metrics with SVM in FireCol Distributed Network. Advanced Computing and Communication Techniques for High Performance Applications. ICACCTHPA2014, 3 (February 2015), 5-11.

@article{
author = { P.sindhu Priyanka, A.gowrishankar },
title = { Detection of Low and High rate DDoS Attack using Metrics with SVM in FireCol Distributed Network },
journal = { Advanced Computing and Communication Techniques for High Performance Applications },
issue_date = { February 2015 },
volume = { ICACCTHPA2014 },
number = { 3 },
month = { February },
year = { 2015 },
issn = { 0975-8887 },
pages = { 5-11 },
numpages = 7,
url = { /proceedings/icaccthpa2014/number3/19445-6027/ },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Proceeding Article
%1 Advanced Computing and Communication Techniques for High Performance Applications
%A P.sindhu Priyanka
%A A.gowrishankar
%T Detection of Low and High rate DDoS Attack using Metrics with SVM in FireCol Distributed Network
%J Advanced Computing and Communication Techniques for High Performance Applications
%@ 0975-8887
%V ICACCTHPA2014
%N 3
%P 5-11
%D 2015
%I International Journal of Computer Applications
Abstract

A federated network mainly operates within the same Internet Service Provider (ISP) and the virtual entities integrated with it. The foremost problem in such a unified network is attacks caused by intruders. Although attacks are classified according to their rate dynamics, they differ in many other aspects, such as implementation, intention, and countermeasures. Distributed Denial of Service (DDoS) and low-rate DDoS attacks are serious threats to almost every ISP. In a federated network environment, routers work closely together to raise early warning of DDoS attacks and avoid severe damage. The existing FireCol, a collaborative protection system, detects flooding attacks using metric computations. It detects flooding well, but with its minimal set of parameters it struggles to detect low-rate attacks. To overcome this, we propose additional metrics, namely the Information distance metric, the Generalized entropy metric, the Probability metric, and the Hybrid metric (the Total variation metric and the Bhattacharyya metric), together with an SVM classifier, for better performance in detecting both high and low transmission rate attacks with a reduction in false alarms. The proportions of packets are transmitted in a distributed client-server topology. Both similarity and dissimilarity in the packet distributions are used to outline deviations in the behaviour of the user profile. In addition, the SVM classifies attack and normal flows using train and test files, attaining an accuracy of 73.89%. Hence, low-rate attack detection with metric computations and a classifier achieves better results than FireCol with its decision table mechanism.
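
The metrics named in the abstract can be computed from per-window packet distributions and compared against a baseline profile. The following is an added example, not code from the paper: it assumes the standard textbook definitions (Rényi entropy and divergence, total variation with the 1/2 factor, Bhattacharyya coefficient) because the page gives no formulas, and the flow keys, window contents and function names are constructed. The SVM step is not shown.

```python
import math
from collections import Counter

def distribution(packets, keys):
    """Empirical probability of each flow key in one observation window."""
    counts = Counter(packets)
    return [counts[k] / len(packets) for k in keys]

def renyi_entropy(p, alpha):
    """Generalized (Renyi) entropy of order alpha, in bits; alpha=1 is Shannon."""
    if alpha == 1:
        return -sum(x * math.log2(x) for x in p if x > 0)
    return math.log2(sum(x ** alpha for x in p if x > 0)) / (1 - alpha)

def renyi_divergence(p, q, alpha, eps=1e-12):
    """D_alpha(p||q) in bits; alpha=1 is Kullback-Leibler. q is floored at eps."""
    pairs = [(x, max(y, eps)) for x, y in zip(p, q) if x > 0]
    if alpha == 1:
        return sum(x * math.log2(x / y) for x, y in pairs)
    return math.log2(sum(x ** alpha * y ** (1 - alpha) for x, y in pairs)) / (alpha - 1)

def information_distance(p, q, alpha):
    """Symmetrised divergence (assumed form): D_alpha(p||q) + D_alpha(q||p)."""
    return renyi_divergence(p, q, alpha) + renyi_divergence(q, p, alpha)

def total_variation(p, q):
    """Total variation distance, 0 (identical) to 1 (disjoint)."""
    return 0.5 * sum(abs(x - y) for x, y in zip(p, q))

def bhattacharyya(p, q):
    """Bhattacharyya coefficient, 1 (identical) down to 0 (disjoint)."""
    return sum(math.sqrt(x * y) for x, y in zip(p, q))

def features(window, baseline, keys, alpha=2):
    """Feature vector for one window, e.g. as input to a classifier."""
    p, q = distribution(baseline, keys), distribution(window, keys)
    return {"entropy": renyi_entropy(q, alpha),
            "info_distance": information_distance(p, q, alpha),
            "total_variation": total_variation(p, q),
            "bhattacharyya": bhattacharyya(p, q)}

# Constructed sample windows of 100 packets, labelled by flow key (not real traffic).
KEYS = ["f1", "f2", "f3", "f4"]
BASELINE = ["f1"] * 25 + ["f2"] * 25 + ["f3"] * 25 + ["f4"] * 25
LOW_RATE = ["f1"] * 30 + ["f2"] * 25 + ["f3"] * 25 + ["f4"] * 20
HIGH_RATE = ["f1"] * 70 + ["f2"] * 10 + ["f3"] * 10 + ["f4"] * 10

if __name__ == "__main__":
    for name, w in [("low-rate", LOW_RATE), ("high-rate", HIGH_RATE)]:
        print(name, features(w, BASELINE, KEYS))
```

On the constructed low-rate window the total variation is only 0.05, while the order-2 information distance is roughly twice the order-1 (Kullback-Leibler) value, which shows how a higher order widens the gap between a small deviation and the baseline.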

Index Terms

Computer Science
Information Sciences

Keywords

DDoS flooding attack, low-rate DDoS attack, metrics, SVM classifier.