Advertisement

A Combined Data Mining Approach for DDoS Attack Detection

  • Mihui Kim
  • Hyunjung Na
  • Kijoon Chae
  • Hyochan Bang
  • Jungchan Na
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3090)

Abstract

Recently, as the serious damage caused by DDoS attacks increases, the rapid detection and the proper response mechanisms are urgent. However, existing security mechanisms do not provide effective defense against these attacks, or the defense capability of some mechanisms is only limited to specific DDoS attacks. It is necessary to analyze the fundamental features of DDoS attacks because these attacks can easily vary the used port/protocol, or operation method. In this paper, we propose a combined data mining approach for modeling the traffic pattern of normal and diverse attacks. This approach uses the automatic feature selection mechanism for selecting the important attributes. And the classifier is built with the theoretically selected attribute through the neural network. And then, our experimental results show that our approach can provide the best performance on the real network, in comparison with that by heuristic feature selection and any other single data mining approaches.

Keywords

Attack Type Decision Tree Algorithm Data Mining Approach Heuristic Selection Defense Capability 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Kim, M., et al.: A Combined Data Mining Approach for DDoS Attack Detection. In: Proc. of ICOIN (2004), pp. 1365–1374 (2004)Google Scholar
  2. 2.
    Lee, W., Stolfo, S.J.: Data Mining Approaches for Intrusion Detection. In: Proc. of the 7th USENIX Security Symposium, pp. 79–94 (1998)Google Scholar
  3. 3.
    Na, H., et al.: Distributed Denial of Service Attack Detection using Netflow Traffic. In: Proc. of the Korea Information Processing Society (2003)Google Scholar
  4. 4.
    Aijun, L., Yunhui, L., Siwei, L.: Mapping a Decision Tree for Classification into a Neural Network. In: Proc. of the 6th International Conference on Computational Intelligence & Natural Computing (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Mihui Kim
    • 1
  • Hyunjung Na
    • 1
  • Kijoon Chae
    • 1
  • Hyochan Bang
    • 2
  • Jungchan Na
    • 2
  1. 1.Dept. of Computer Science and EngineeringEwha Womans UniversityKorea
  2. 2.Electronics and Telecommunications Research InstituteKorea

Personalised recommendations