A Real Time Detection of Distributed Denial-of-Service Attacks Using Cumulative Sum Algorithm and Adaptive Neuro-Fuzzy Inference System

  • Conference paper

Part of the book series: Advances in Intelligent Systems and Computing (AINSC, volume 167)

Abstract

Distributed denial-of-service (DDoS) is a very powerful attack on Internet resources as well as system resources. Hence, it is imperative to detect these attacks in real time; otherwise the impact will be irresistible. In this work we propose a new method that applies the cumulative sum (CUSUM) algorithm to track variations of the attack characteristic variable X(n) from the observed traffic (specific to different kinds of attacks) and raises an alarm based on a threshold. However, a threshold-based mechanism often produces many false alarms. An Adaptive Neuro-Fuzzy Inference System (ANFIS), which is capable of removing the abrupt separation between normality and abnormality as well as appropriately selecting the membership function parameters, has been used for detection of attacks based on CUSUM values. The detection mechanism is well corroborated by experimental results.
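The following sketch is an added example, not code from the paper: it shows a one-sided CUSUM detector raising an alarm on a threshold, and how a threshold set too low turns a benign burst into a false alarm. The recursion used (the common nonparametric form), the `drift` and threshold values, and the `SAMPLE_X` series are assumptions; the paper's own definition of X(n) and its parameters are not given on this page.

```python
from typing import List, Optional, Sequence, Tuple


def cusum(xs: Sequence[float], drift: float,
          threshold: float) -> Tuple[List[float], Optional[int]]:
    """One-sided CUSUM: y_n = max(0, y_{n-1} + X(n) - drift).

    Returns every y_n and the index of the first interval where
    y_n exceeds the threshold (None if no alarm is raised).
    """
    y = 0.0
    scores: List[float] = []
    alarm: Optional[int] = None
    for n, x in enumerate(xs):
        # Subtracting the drift keeps y pinned at 0 under normal traffic,
        # so only a sustained rise in X(n) accumulates.
        y = max(0.0, y + x - drift)
        scores.append(y)
        if alarm is None and y > threshold:
            alarm = n
    return scores, alarm


# Constructed X(n) series (not from the paper or its dataset): normal
# traffic, one benign burst at index 4, sustained attack from index 7.
SAMPLE_X = [0.10, 0.05, 0.20, 0.15, 0.60, 0.10, 0.05,
            0.90, 0.85, 0.95, 0.90, 0.80]
ATTACK_START = 7
DRIFT = 0.35  # assumed upper bound on the normal mean of X(n)


def detection_delay(threshold: float) -> Optional[int]:
    """Intervals between attack onset and alarm; negative = false alarm."""
    _, alarm = cusum(SAMPLE_X, DRIFT, threshold)
    return None if alarm is None else alarm - ATTACK_START


if __name__ == "__main__":
    for thr in (0.2, 1.5):
        scores, alarm = cusum(SAMPLE_X, DRIFT, thr)
        print(f"threshold={thr}: alarm at n={alarm}, "
              f"delay={detection_delay(thr)}")
```
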

This work is a part of the CDBR-Smart and Secure Environment project sponsored by NTRO, New Delhi, India.

Author information

Correspondence to R. Anitha.

Copyright information

© 2012 Springer-Verlag GmbH Berlin Heidelberg

About this paper

Cite this paper

Anitha, R., Karthik, R., Pravin, V., Thirugnanam, K. (2012). A Real Time Detection of Distributed Denial-of-Service Attacks Using Cumulative Sum Algorithm and Adaptive Neuro-Fuzzy Inference System. In: Wyld, D., Zizka, J., Nagamalai, D. (eds) Advances in Computer Science, Engineering & Applications. Advances in Intelligent Systems and Computing, vol 167. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30111-7_74

  • DOI: https://doi.org/10.1007/978-3-642-30111-7_74

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-30110-0

  • Online ISBN: 978-3-642-30111-7

  • eBook Packages: Engineering, Engineering (R0)
