DocumentCode :
3348961
Title :
Detecting DDoS Attack Based on Empirical Mode Decomposition
Author :
Wang, Xiujuan ; Zheng, Kangfeng
Author_Institution :
Coll. of Comput. Sci., Beijing Univ. of Technol., Beijing, China
fYear :
2011
fDate :
21-23 Oct. 2011
Firstpage :
483
Lastpage :
486
Abstract :
The paper proposes to apply Empirical Mode Decomposition (EMD) to network traffic signal. Then the corresponding intrinsic mode functions (IMFs) are obtained to calculate their Hurst index based on which the influence to the IMF Hurst after DDoS attack was analyzed. Finally, it makes a judgment on whether a DDoS attack happened or not by solving the IMF Hurst index of the unsure sequence. Experimental results show that, compared with the original signal Hurst index assay, this method can increase detection precision and CI, reduce the rate of false positives and false negative. The method behaves well in distinguishing attacked traffic from normal ones.
Keywords :
computer network security; functions; DDoS attack detection; IMF Hurst index; empirical mode decomposition; intrinsic mode functions; network traffic signal; Computer crime; Computers; Educational institutions; Indexes; Internet; Monitoring; Telecommunication traffic; DDoS detection; Empirical Mode Decomposition (EMD); intrinsic mode function; self-similarity;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Instrumentation, Measurement, Computer, Communication and Control, 2011 First International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-0-7695-4519-6
Type :
conf
DOI :
10.1109/IMCCC.2011.126
Filename :
6154151
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3348961
بازگشت