Detecting DDoS attacks at the source using multiscaling analysis

Author

Petiz, Ivo ; Salvador, Paulo ; Nogueira, Antonio ; Rocha, Eduardo

Author_Institution

Inst. de Telecomun., Aveiro, Portugal

fYear

2014

fDate

17-19 Sept. 2014

Firstpage

1

Lastpage

5

Abstract

The proliferation of Distributed Denial of Service (DDoS) attacks is a constant threat to business and individuals. Existing systems proved to be inefficient when deploying counter-measures at the target of the attacks. In fact, efficient counteractions should be applied at the networks that contain the sources of the attack. However, the detection of such type of attacks at the source is extremely difficult. In this work, we propose a novel and more efficient methodology to detect DDoS attacks at the source that relies on the inherent periodicity of the traffic generated by DDoS attack sources. Detecting and quantifying the traffic periodic components using multiscaling traffic analysis based on wavelet scalograms allows an efficient detection of DDoS attacks at the source, even when the attacks are performed using encrypted channels or are embedded within licit traffic.

Keywords

computer network security; telecommunication traffic; wavelet transforms; DDoS attack sources; distributed denial of service attacks; encrypted channels; multiscaling traffic analysis; traffic periodic components; wavelet scalograms; Bandwidth; Computer crime; Cryptography; IP networks; Servers; Virtual private networks; Wavelet analysis; DDoS; multiscaling analysis; source detection; wavelet;

fLanguage

English

Publisher

ieee

Conference_Titel

Telecommunications Network Strategy and Planning Symposium (Networks), 2014 16th International

Conference_Location

Funchal

Type

conf

DOI

10.1109/NETWKS.2014.6959267

Filename

6959267