Title :
A Rank Correlation Based Detection against Distributed Reflection DoS Attacks
Author :
Wei Wei ; Feng Chen ; Yingjie Xia ; Guang Jin
Author_Institution :
Coll. of Inf. Sci. & Eng., Henan Univ. of Technol., Zhengzhou, China
Abstract :
DDoS presents a serious threat to the Internet since its inception, where lots of controlled hosts flood the victim site with massive packets. Moreover, in Distributed Reflection DoS (DRDoS), attackers fool innocent servers (reflectors) into flushing packets to the victim. But most of current DRDoS detection mechanisms are associated with specific protocols and cannot be used for unknown protocols. It is found that because of being stimulated by the same attacking flow, the responsive flows from reflectors have inherent relations: the packet rate of one converged responsive flow may have linear relationships with another. Based on this observation, the Rank Correlation based Detection (RCD) algorithm is proposed. The preliminary simulations indicate that RCD can differentiate reflection flows from legitimate ones efficiently and effectively, thus can be used as a useable indicator for DRDoS.
Keywords :
Internet; computer network security; correlation methods; file servers; DRDoS detection mechanisms; Internet; RCD algorithm; controlled hosts; distributed reflection DoS attacks; flushing packets; linear relationships; packet rate; rank correlation based detection algorithm; victim site; Computer crime; Correlation; Educational institutions; Internet; Niobium; Protocols; DDoS detection; Rank correlation; reflection DoS;
Journal_Title :
Communications Letters, IEEE
DOI :
10.1109/LCOMM.2012.121912.122257
