A Combined Data Mining Approach for DDoS Attack Detection

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNCS, volume 3090)

Abstract

Recently, as the damage caused by DDoS attacks has grown more serious, rapid detection and proper response mechanisms have become urgent. However, existing security mechanisms do not provide effective defense against these attacks, or the defense capability of some mechanisms is limited to specific DDoS attacks. Because these attacks can easily vary the port/protocol used or the operation method, it is necessary to analyze their fundamental features. In this paper, we propose a combined data mining approach for modeling the traffic patterns of normal traffic and diverse attacks. This approach uses an automatic feature selection mechanism to select the important attributes, and the classifier is then built from the theoretically selected attributes through a neural network. Our experimental results show that our approach provides the best performance on the real network, in comparison with heuristic feature selection and with any other single data mining approach.

Keywords

  • Attack Type
  • Decision Tree Algorithm
  • Data Mining Approach
  • Heuristic Selection
  • Defense Capability

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

  • DOI: 10.1007/978-3-540-25978-7_95
  • Chapter length: 8 pages

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, M., Na, H., Chae, K., Bang, H., Na, J. (2004). A Combined Data Mining Approach for DDoS Attack Detection. In: Kahng, HK., Goto, S. (eds) Information Networking. Networking Technologies for Broadband and Mobile Networks. ICOIN 2004. Lecture Notes in Computer Science, vol 3090. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25978-7_95

  • DOI: https://doi.org/10.1007/978-3-540-25978-7_95

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23034-2

  • Online ISBN: 978-3-540-25978-7

  • eBook Packages: Springer Book Archive