Abstract
Because normal data cannot be transmitted under a SYN Flood attack, this paper proposes a detection method that can rapidly and accurately detect the attack. First, network traffic is intercepted in real time, and selected traffic is discretized. Second, a fitting function is obtained by repeatedly fitting the discretized network traffic. Finally, the integral of the fitting function is calculated and compared with the Hurst value. The SYN Flood attack can be effectively detected by comparing the integral value, calculated from the fitting-function curve, with the Hurst value of the network traffic.
Acknowledgments
This work is jointly supported by National Natural Science Foundation of China (Grant No. 51504010), and Key Projects of Anhui Province University Outstanding Youth Talent Support Program (Grant No. gxyqZD2016083).
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Zhang, D., Zhu, X., Wang, L. (2017). A SYN Flood Detection Method Based on Self – similarity in Network Traffic. In: Wang, G., Atiquzzaman, M., Yan, Z., Choo, KK. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2017. Lecture Notes in Computer Science, vol 10658. Springer, Cham. https://doi.org/10.1007/978-3-319-72395-2_8
DOI: https://doi.org/10.1007/978-3-319-72395-2_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72394-5
Online ISBN: 978-3-319-72395-2
eBook Packages: Computer Science, Computer Science (R0)