• DocumentCode
    3433288
  • Title

    A Heuristic DDoS Flooding Attack Detection Mechanism Analyses based on the Relationship between Input and Output Traffic Volumes

  • Author

    Fengxiang, Zhang ; Abe, Shunji

  • Author_Institution
    Graduate Univ. for Adv. Studies, Tokyo
  • fYear
    2007
  • fDate
    13-16 Aug. 2007
  • Firstpage
    798
  • Lastpage
    802
  • Abstract
    Nowadays various kinds of anomalies are prohibiting the widely used Internet from offering normal services. Within them a novel anomaly is caused by bandwidth attacks. To defense these threats many detecting schemes are essentially based on unidirectional checking of traffic changes. When legitimately abrupt changes appear, they might result in false alarms. In this paper we consider the problem from the bidirectional-traffic view and analyze the traffic characteristics by checking the input/output traffic characteristics of the protected network node. We have analyzed the relationship between input and output traffic volume pairs in the simulation traffic and studied them both under normal and abnormal cases. Based on these analyses, we´ve proposed a heuristic DDoS flooding attack detection method and showed a verifying simulation as well.
  • Keywords
    Internet; telecommunication security; telecommunication traffic; Internet; bidirectional-traffic view; distributed denial of service; heuristic DDoS flooding attack detection mechanism input traffic volumes; output traffic volumes; protected network node; traffic characteristics; Analytical models; Bit rate; Computer crime; Face detection; Floods; Informatics; Telecommunication traffic; Traffic control; Web and internet services; Web server; Anomaly detection; DDoS flooding; Input-output traffic proportion; legitimately abrupt change;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Communications and Networks, 2007. ICCCN 2007. Proceedings of 16th International Conference on
  • Conference_Location
    Honolulu, HI
  • ISSN
    1095-2055
  • Print_ISBN
    978-1-4244-1251-8
  • Electronic_ISBN
    1095-2055
  • Type

    conf

  • DOI
    10.1109/ICCCN.2007.4317915
  • Filename
    4317915