A practical approach to detection of distributed denial-of-service attacks using a hybrid detection method

11/08/2018
by   P. D. Bojovic, et al.
0

This paper presents a hybrid method for the detection of distributed denial-of-service (DDoS) attacks that combines feature-based and volume-based detection. Our approach is based on an exponential moving average algorithm for decision-making, applied to both entropy and packet number time series. The approach has been tested by performing a controlled DDoS experiment in a real academic network. The network setup and test scenarios including both high-rate and low-rate attacks are described in the paper. The performance of the proposed method is compared to the performance of two methods that are already known in the literature. One is based on the counting of SYN packets and is used for detection of SYN flood attacks, while the other is based on a CUSUM algorithm applied to the entropy time series. The results show the advantage of our approach compared to methods that are based on either entropy or number of packets only.

READ FULL TEXT
research
08/04/2020

A Survey of Distributed Denial of Service Attacks and Defenses

A distributed denial-of-service (DDoS) attack is an attack wherein multi...
research
03/19/2019

DDoS attack detection method based on feature extraction of deep belief network

Distributed Denial of Service (DDOS) attack is one of the most common ne...
research
04/29/2020

Towards Understanding Man-on-the-Side Attacks (MotS) in SCADA Networks

We describe a new class of packet injection attacks called Man-on-the-Si...
research
04/29/2022

Mitigating Low-volume DoS Attacks with Data-driven Resource Accounting

Low-volume Denial-of-Service (μDoS) attacks have been demonstrated to fu...
research
05/30/2015

Efficient combination of pairswise feature networks

This paper presents a novel method for the reconstruction of a neural ne...
research
02/05/2018

Parsimonious Network based on Fuzzy Inference System (PANFIS) for Time Series Feature Prediction of Low Speed Slew Bearing Prognosis

In recent years, the utilization of rotating parts, e.g. bearings and ge...
research
09/17/2021

Denial-of-Service Attack Detection via Differential Analysis of Generalized Entropy Progressions

Denial-of-Service (DoS) attacks are one the most common and consequentia...

Please sign up or login with your details

Forgot password? Click here to reset