Detection of Low and High rate DDoS Attack using Metrics with SVM in FireCol Distributed Network

Authors: P. Sindhu Priyanka, A. Gowrishankar

Abstract: A federated network mainly operates with same Internet Service Provider (ISP) and virtual entities integrated it. Foremost frustration in unified is attack affair due to intruder intervention. Although attacks are classified according the rate dynamics, they different many other aspects such as implementations, intention, countermeasures. Distributed Denial of Service (DDoS) Low-rate DDoS vigorous threats almost every ISP. In a merged environment, routers work intimately elevate early warning evade terrible defacement. existing FireCol concerted protection, used detect flooding metric computations. It delivers better detection for but case low-rate attack, minimum parameters it fights find. order rout that, we prompt additional potential metrics Information distance metric, Generalized entropy Probability, the Hybrid (the Total variation Bhattacharyya metric) SVM Classifier outsourcing performance exposure both high & low transmission diminution false alarms. The proportions packets being transmitted distributed client server topology. Both similarity dissimilarity distributions taken outline deviation behaviour user profile. Along classifies normal flows by using train test files, which attains accuracy 73.89%. Hence, computations classifier achieves results compared FireCol decision table mechanism.

General Terms: Attack detection, Security network, FireCol, Metric Computations.
