Abstract
As the damage caused by DDoS attacks grows more serious, rapid detection and proper response mechanisms are urgently needed. However, existing security mechanisms do not provide effective defense against these attacks, or their defense capability is limited to specific DDoS attacks. Because these attacks can easily vary the port and protocol they use or their method of operation, it is necessary to analyze their fundamental features. In this paper, we propose a combined data mining approach for modeling the traffic patterns of normal traffic and of diverse attacks. The approach uses an automatic feature selection mechanism to select the important attributes, and a classifier is then built on the theoretically selected attributes using a neural network. Our experimental results show that this approach provides the best performance on a real network in comparison with heuristic feature selection and with any other single data mining approach.
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, M., Na, H., Chae, K., Bang, H., Na, J. (2004). A Combined Data Mining Approach for DDoS Attack Detection. In: Kahng, HK., Goto, S. (eds) Information Networking. Networking Technologies for Broadband and Mobile Networks. ICOIN 2004. Lecture Notes in Computer Science, vol 3090. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25978-7_95
DOI: https://doi.org/10.1007/978-3-540-25978-7_95
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23034-2
Online ISBN: 978-3-540-25978-7
eBook Packages: Springer Book Archive