Title :
A Novel Threat Assessment Method for DDoS Early Warning Using Network Vulnerability Analysis
Author :
Liu, Qiang ; Yin, Jian-ping ; Cai, Zhi-Ping ; Zhu, Ming
Author_Institution :
Sch. of Comput., Nat. Univ. of Defense Technol., Changsha, China
Abstract :
Distributed Denial of Service (DDoS) attack is one of main threats to Internet security. Due to the spatio-temporal properties of the attack, it is possible to detect the attack at its early stage. In this paper, we propose a novel method of DDoS threat assessment based on network vulnerability analysis. Both the multi-phase character in the temporal dimension and the impacts in the spatial dimension are concerned in our method. We use three metrics to assess threat, namely the ratio of progress, botnet size, and bots distribution. Experimental results show that our method is sensitive to the changes of attack states, and is easy to be implemented in an early warning system because of its simplicity.
Keywords :
Internet; computer network reliability; security of data; DDoS early warning; Internet security; distributed denial of service attack; network vulnerability analysis; novel threat assessment method; Algorithm design and analysis; Computer crime; Computers; Fires; Measurement; Servers; Botnet; DDoS attack; Early warning; Network vulnerability analysis; Threat assessment;
Conference_Titel :
Network and System Security (NSS), 2010 4th International Conference on
Conference_Location :
Melbourne, VIC
Print_ISBN :
978-1-4244-8484-3
Electronic_ISBN :
978-0-7695-4159-4
DOI :
10.1109/NSS.2010.52
