Title :
A P2P-Based Distributed Detection Scheme against DDoS Attack
Author :
Zhou, Zaihong ; Xie, Dongqing ; Xiong, Wei
Author_Institution :
Sch. of Comput. & Commun., Hunan Univ., Changsha
Abstract :
The distributed hosts in the Internet are organized into a P2P network by chord protocol for detection. The detection node uses the CUSUMpsilas sensitivity to the slight change to detect the change in the amount of packets to destination address. Upon the abnormality detected, it is broadcast based on the node trust. The response nodes use space similarity algorithm to calculate the similarity between request node and response node. The victim end makes a comprehensive decision whether the DDoS attack happens.The scheme detects DDoS at the source end; it can prevent the DDoS attack by means of forged IP address and random IP address and trace the origin of the attack hosts. The experimental results indicate that our scheme has better performance than CUSUM and time similarity algorithm single deployed. It can reach as high as 96.1% detection rate and with only 6.9% false positives rate.
Keywords :
IP networks; Internet; higher order statistics; peer-to-peer computing; protocols; telecommunication security; CUSUM algorithm; DDoS attack; IP address; Internet; P2P-based distributed detection scheme; broadcast detection; chord protocol; cumulative sum algorithm; Broadcasting; Change detection algorithms; Computer crime; Computer networks; Computer science; Detection algorithms; Distributed computing; IP networks; Protocols; Scalability; CUSUM; DDoS Attacks; Distributed Detection;
Conference_Titel :
Education Technology and Computer Science, 2009. ETCS '09. First International Workshop on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-1-4244-3581-4
DOI :
10.1109/ETCS.2009.329
