Advertisement

HLR_DDoS: A Low-Rate and High-Rate DDoS Attack Detection Method Using \(\alpha \)-Divergence

  • Nazrul HoqueEmail author
  • Dhruba K. Bhattacharyya
Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 24)

Abstract

In this paper, an effective method called HLR_DDoS is proposed to detect both low- and high-rate flooding attacks using a statistical approach. The method detects both types of attacks in two steps: (i) normal traffic analysis using cross-correlation measure and (ii) identification of suspicious high- and low-rate attack traffic using \(\alpha \)-divergence. The proposed method is evaluated on DDoS CAIDA 2007 and DARPA 2000 datasets.

Keywords

Flooding attacks Anomaly detection Correlation Accuracy 

References

  1. 1.
    Hoque, N., Bhuyan, M.H., Baishya, R.C., Bhattacharyya, D., Kalita, J.K.: Network attacks: Taxonomy, tools and systems. Journal of Network and Computer Applications 40 (2014) 307–324Google Scholar
  2. 2.
    Hoque, N., Bhattacharyya, D.K., Kalita, J.K.: Botnet in ddos attacks: trends and challenges. IEEE Communications Surveys & Tutorials 17 (2015) 2242–2270Google Scholar
  3. 3.
    Mirkovic, J., Reiher, P.: A taxonomy of ddos attack and ddos defense mechanisms. ACM SIGCOMM Computer Communication Review 34 (2004) 39–53Google Scholar
  4. 4.
    Xiang, Y., Li, K., Zhou, W.: Low-rate ddos attacks detection and traceback by using new information metrics. Information Forensics and Security, IEEE Transactions on 6 (2011) 426–437Google Scholar
  5. 5.
    Ahmed, E., Mohay, G., Tickle, A., Bhatia, S.: Use of ip addresses for high rate flooding attack detection. In: Security and Privacy–Silver Linings in the Cloud. Springer (2010) 124–135Google Scholar
  6. 6.
    Hoque, N., Bhattacharyya, D.K., Kalita, J.K.: Ffsc: a novel measure for low-rate and high-rate ddos attack detection using multivariate data analysis. Security and Communication Networks 9 (2016) 2032–2041Google Scholar
  7. 7.
    Bhattacharyya D. K., Kalita, J.K.: Ddos attacks: Evolution, detection, prevention, reaction, and tolerance, CRC Press, 2014Google Scholar
  8. 8.
    Feinstein, L., Schnackenberg, D., Balupari, R., Kindred, D.: Statistical approaches to ddos attack detection and response. In: DARPA Information Survivability Conference and Exposition, 2003. Proceedings. Volume 1., IEEE (2003) 303–314Google Scholar
  9. 9.
    Yu, S., Zhou, W.: Entropy-based collaborative detection of ddos attacks on community networks. In: Pervasive Computing and Communications, 2008. PerCom 2008. Sixth Annual IEEE International Conference on, IEEE (2008) 566–571Google Scholar
  10. 10.
    Xiao, B., Chen, W., He, Y., Sha, E.H.: An active detecting method against syn flooding attack. In: Parallel and Distributed Systems, 2005. Proceedings. 11th International Conference on. Volume 1., IEEE (2005) 709–715Google Scholar
  11. 11.
    Yang, G., Gerla, M., Sanadidi, M.: Defense against low-rate tcp-targeted denial-of-service attacks. In: Computers and Communications, 2004. Proceedings. ISCC 2004. Ninth International Symposium on. Volume 1., IEEE (2004) 345–350Google Scholar
  12. 12.
    Chen, Y., Hwang, K.: Collaborative detection and filtering of shrew ddos attacks using spectral analysis. Journal of Parallel and Distributed Computing 66 (2006) 1137–1151Google Scholar
  13. 13.
    Zhang, C., Yin, J., Cai, Z., Chen, W.: Rred: robust red algorithm to counter low-rate denial-of-service attacks. Communications Letters, IEEE 14 (2010) 489–491Google Scholar
  14. 14.
    Zhang, C., Cai, Z., Chen, W., Luo, X., Yin, J.: Flow level detection and filtering of low-rate ddos. Computer Networks 56 (2012) 3417–3431Google Scholar
  15. 15.
    Wu, Z.j., Lei, J., Yao, D., Wang, M.h., Musa, S.M.: Chaos-based detection of ldos attacks. Journal of Systems and Software 86 (2013) 211–221Google Scholar
  16. 16.
    Zhijun, W., Yi, C., Meng, Y., Lan, M., Lu, W.: Cross-correlation based synchronization mechanism of lddos attacks. Journal of Networks 9 (2014) 604–611Google Scholar
  17. 17.
    Braga, R., Mota, E., Passito, A.: Lightweight ddos flooding attack detection using nox/openflow. In: Local Computer Networks (LCN), 2010 IEEE 35th Conference on, IEEE (2010) 408–415Google Scholar
  18. 18.
    Liu, H., Sun, Y., Valgenti, V.C., Kim, M.S.: Trustguard: A flow-level reputation-based ddos defense system. In: 2011 IEEE Consumer Communications and Networking Conference (CCNC), IEEE (2011) 287–291Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringTezpur UniversitySonitpurIndia

Personalised recommendations