DDoS Detection System Using Wavelet Features and Semi-supervised Learning

  • V. Srihari
  • R. Anitha
Part of the Communications in Computer and Information Science book series (CCIS, volume 467)


Protection of critical information infrastructure is a major task for the network security experts in any part of the globe. There are certain threats that will never evade away despite sophisticated advancements in defense strategy. Among them, Distributed Denial of Service (DDoS) attacks have witnessed continual growth in scale, frequency and intensity. The impact of DDoS attacks can be devastating such that it creates severe ripples to the cyberworld. Nowadays, attackers are advancing towards different variants of DDoS attacks to escape from the detection mechanisms. In this paper, a new DDoS Detection system is proposed. Initially, wavelet based features are extracted and classified using semi-supervised learning to detect the DDoS attacks. Different wavelet families are studied and the combination of them seems to be robust and efficient and hence used as features. Machine learning algorithms are highly appreciated in many classification problems. There is a considerable demand for labeled dataset and hence to bridge the gap between them and unlabeled dataset, semi-supervised learning algorithm is employed to classify the attack from normal traffic. Extensive analysis is performed by conducting experiments and by using real-time dataset. Results obtained are convincing and hence can be modeled for real-time approach.


Distributed Denial of Service attacks Wavelets Semi-Supervised learning Tri-training 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    The Enterprise guide to DDoS Protection. Technical Report, Arbor White paper (2013)Google Scholar
  2. 2.
    Ten Days of Rain. Technical Report, McAfee White paper (2011)Google Scholar
  3. 3.
    RioRey Taxonomy of DDoS attacks. Technical Report, RioRey White paper (2011)Google Scholar
  4. 4.
    Zhou, Z.H., Li, M.: Tri-training: Exploiting unlabeled data using three classifiers. IEEE T. on Knowledge and Data Mining 17(11), 1529–1541 (2005)CrossRefGoogle Scholar
  5. 5.
    Ren, X., Wang, R., Wang, H.: Wavelet analysis method for detection of DDoS attack on the basis of self-similarity. Frontiers of Electrical and Electronics Engineering in China 2(1), 73–77 (2007)CrossRefGoogle Scholar
  6. 6.
    Lu, W., Ghorbani, A.A.: Network anomaly detection based on wavelet analysis. EUROSIP J. on Advances in Signal Processing 4 (2009)Google Scholar
  7. 7.
    Palmieri, F., Fiore, U., Castiglione, A., Santis, A.D.: On the detection of card-sharing traffic through wavelet analysis and Support Vector Machines. J. on Applied Soft Computing 13(1), 615–627 (2013)CrossRefGoogle Scholar
  8. 8.
    Yang, M.H., Wang, R.C.: DDoS Detection based on wavelet kernel support machine. The Journal of China Universities of Posts and Telecommunications 15(3), 59–94 (2008)CrossRefGoogle Scholar
  9. 9.
    Agrawal, P.K., Gupta, B.B., Jain, S.: SVM Based Scheme for Predicting Number of Zombies in a DDoS Attack. In: IEEE Intelligence and Security Informatics Conference, pp. 178–182. IEEE (2011)Google Scholar
  10. 10.
    Subbulakshmi, T., Shalinie, S.M., Ganapathi Subramanian, V., Bala Krishnan, K., Anand Kumar, D., Kannathal, K.: Detection of DDoS attacks using Enhanced Support Vector Machines with real time generated dataset. In: 3rd IEEE International Conference on Advanced Computing, pp. 17–22. IEEE (2011)Google Scholar
  11. 11.
    Ramamoorthi, A., Subbulakshmi, T., Shalinie, S.M.: Real time detection and classification of DDoS attacks using Enhanced SVM with string kernels. In: Recent Trends in Information Technology, pp. 91–96. IEEE (2011)Google Scholar
  12. 12.
    Rahmani, H., Sahli, N., Kamoun, F.: DDoS flooding attack detection scheme based on F-divergence. J. Computer Communications 35(11), 1380–1391 (2012)CrossRefGoogle Scholar
  13. 13.
    Li, K., Zhang, W., Ma, X., Cao, Z., Zhang, C.: A novel semi-supervised SVM based on tri-training. In: 2nd IEEE International Symposium on Intelligent Information Technology Application, pp. 47–51. IEEE (2008)Google Scholar
  14. 14.
    Li, Y., Li, Z., Wang, R.: Intrusion detection algorithm based on semi-supervised learning. In: IEEE International Conference on Information Technology, Computer Engineering and Management Sciences, pp. 153–156. IEEE (2011)Google Scholar
  15. 15.
    Chapelle, O., Scholkopf, B., Zien, A.: Semi-Supervised Learning, 2. MIT Press, Cambridge (2006)Google Scholar
  16. 16.
    Xiang, Y., Lin, Y., Lei, W.L., Huang, S.J.: DDoS detection based on traffic self-similarity. IEE Proceedings-Communications 151(3), 292–295 (2004)CrossRefGoogle Scholar
  17. 17.
    Satiyan, M., Hariharan, M., Nagarajan, R.: Comparison of Performance using Daubechies Wavelet family for facial Expression Recognition. In: 6th International Colloquium on Signal Processing and its Applications (CSPA), pp. 1–5. IEEE (2010)Google Scholar
  18. 18.
    Xian, G., Wang, Z.: An effective technique of wavelet transform for optical signal real-time processing. In: Proceedings on Communications, Circuits and Systems, pp. 653–657. IEEE (2005)Google Scholar
  19. 19.
    Haung, S., Hsieh, C.T.: Coiflet Wavelet transform applied to inspect power system disturbance - generated signals. IEEE T. on Aerospace and Electronic Systems 38(1), 204–210 (2000)Google Scholar
  20. 20.
    Liu, H., Sun, Y., Valgenti, V.C., Kim, M.S.: TrustGuard: A flow level reputation based DDoS defense mechanism. In: Consumer Communications and Network Conference (CCNS), pp. 287–291. IEEE (2011)Google Scholar
  21. 21.
    Luo, H., Lin, Y., Zhang, H.: Preventing DDoS attacks by means of identifier locator separation. IEEE Networks (2013) Google Scholar
  22. 22.
    Andrysiak, T., Saganowski, Ł., Choraś, M.: DDoS attacks detection by means of greedy algorithms. In: Choraś, R.S. (ed.) Image Processing and Communications Challenges 4. AISC, vol. 184, pp. 303–310. Springer, Heidelberg (2013)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • V. Srihari
    • 1
  • R. Anitha
    • 1
  1. 1.Dept. of Applied Mathematics and Computational SciencesPSG College of TechnologyCoimbatoreIndia

Personalised recommendations