An intelligent method for real-time detection of DDoS attack based on fuzzy logic
Rent the article at a discountRent now
* Final gross prices may vary according to local VAT.Get Access
The paper puts forward a variance-time plots method based on slide-window mechanism to calculate the Hurst parameter to detect Distribute Denial of Service (DDoS) attack in real time. Based on fuzzy logic technology that can adjust itself dynamically under the fuzzy rules, an intelligent DDoS judgment mechanism is designed. This new method calculates the Hurst parameter quickly and detects DDoS attack in real time. Through comparing the detecting technologies based on statistics and feature-packet respectively under different experiments, it is found that the new method can identify the change of the Hurst parameter resulting from DDoS attack traffic with different intensities, and intelligently judge DDoS attack self-adaptively in real time.
- W. E. Leland, M. S. Taqqu, W. Willinger, et al. On the self-similar nature of ethernet traffic (Extended version). IEEE/ACM Trans. on Networking, 2(1994)1, 1–15. CrossRef
- V. Paxson and S. Floyd. Wide area traffic: The failure of Poisson modeling. IEEE/ACM Trans. on Networking, 3(1995)3, 226–244. CrossRef
- T. E. Ozkurt, T. Akgul, and S. Baykut. Principal component analysis of the fractional brownian motion for 0<H<0.5. Proceedings of the International conference on Acoustics, Speech and Signal Processing (ICASSP’2006), Toulouse, France, May 21–24, 2006, vol.3, 488–491.
- Y. G. Kim, A. Shiravi, and P. S. Min. Congestion prediction of self-similar network through parameter estimation. Network Operations and Management Symposium, Vancouver, Canada, April 5, 2006, 1–4.
- Guanghui He and J. C. Hou. An in-depth, analytical study of sampling techniques for self-similar internet traffic. The 25th International Conference on Distributed Computing Systems, Columbus, OH, June 6–10, 2005, 404–413.
- Y. Xiang, Y. Lin, W. L. Lei, et al. Detecting DDoS attack based on network self-similarity. IEE Proceeding on Communications, 151(2004)3, 292–295. CrossRef
- H. F. Zhang, Y. T. Shu, and Oliver Yang. Estimation of Hurst parameter by variance-time plots. Proceedings of the IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, Victoria, BC, Canada, Aug. 20–22, 1997, vol.2, 883–886.
- A. Popescu. Traffic self-similarity. IEEE International Conference on Telecommunications (ICT’2001), Bucharest, Romania, June 8, 2001, 20–24.
- D. Guo, X. Wang, and J. Zhang. Fast real-time Hurst parameter estimation via adaptive wavelet lifting. IEEE Trans. on Vehicular Technology, 53(2004)7, 1266–1273. CrossRef
- T. Hagiwara, H. Doi, H. Tode, et al. High-speed calculation method of the Hurst parameter based on real traffic. Proceedings of the 25th Annual IEEE Conference on Local Computer Networks, Tampa, Florida, USA, Nov. 8–10, 2000, 662–669.
- Information Systems Technology Group of MIT Lincoln Laboratory. The 1999 DARPA intrusion detection evaluation data set. http://www.ll.mit.edu/IST/ideval, June 18, 2006.
- Qin Yu, Yuming Mao, Taijun Wang, et al. Hurst parameter estimation and characteristics analysis of aggregate wireless LAN traffic. Proceedings of the International Conference on Communications, Circuits and Systems, Hong Kong, China, May 27–30, 2005, vol.1, 339–345.
- Lixin Wang and Yingjun Wang. A Course in Fuzzy Systems & Control. 1st ed. Beijing, China, Tsinghua University Press, 2003, 55–66 (in Chinese). 王立新, 王迎军. 模糊系统与模糊控制教程. 第一版. 北京, 清华大学出版社, 2003, 55–66.
- M. Sato and Y. Sato. Fuzzy clustering model for asymmetry and self-similarity. Proceedings of the Sixth IEEE International Conference on Fuzzy Systems, Barcelona, Spain, July 1–5, 1997, vol.2, 963–968.
- H. Debar and A. Wespi. Aggregation and correlation of intrusion-detection alerts. Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection, Davis, CA, October 10–12, 2001, 85–103.
- Y. Soejima, E. Y. Chen, and H. Fuji. Detecting DDoS attacks by analyzing client response patterns. Proceedings of the 2005 Symposium on Applications and the Internet Workshops, Saint Workshops, Italy, Jan. 31–Feb. 4, 2005, 98–101.
- Qiang Yang and Ke Wang. Web-log cleaning for constructing sequential classifiers. Applied Artificial Intelligence, 17(2003)5, 431–441. CrossRef
- An intelligent method for real-time detection of DDoS attack based on fuzzy logic
Journal of Electronics (China)
Volume 25, Issue 4 , pp 511-518
- Cover Date
- Print ISSN
- Online ISSN
- SP Science Press
- Additional Links
- Abnormal traffic
- Distribute Denial of Service (DDoS)
- Real-time detection
- Intelligent control
- Fuzzy logic
- Industry Sectors