Discriminating flash crowds from DDoS attacks using efficient thresholding algorithm

Author(s):  
Jisa David ◽  
Ciza Thomas
2012 ◽  
Vol 23 (6) ◽  
pp. 1073-1080 ◽  
Author(s):  
Shui Yu ◽  
Wanlei Zhou ◽  
Weijia Jia ◽  
Song Guo ◽  
Yong Xiang ◽  
...  

Author(s):  
Yi-Hsuan Kung ◽  
Taeho Lee ◽  
Po-Ning Tseng ◽  
Hsu-Chun Hsiao ◽  
Tiffany Hyun-Jin Kim ◽  
...  

2017 ◽  
Vol 14 (3) ◽  
pp. 839-856
Author(s):  
Bin Kong ◽  
Kun Yang ◽  
Degang Sun ◽  
Meimei Li ◽  
Zhixin Shi

Flooding Distributed Denial of Service (DDoS) attacks can cause significant damage to the Internet. These attacks have many similarities to Flash Crowds (FCs) and are always difficult to distinguish. To solve this issue, this paper first divides existing methods into two categories to clarify existing research. Moreover, after conducting an extensive analysis, a new feature set is concluded to profile DDoS and FC. Along with this feature set, this paper proposes a new method that employs Data Mining approaches to discriminate between DDoS attacks and FCs. Experiments are conducted to evaluate the proposed method based on two real-world datasets. The results demonstrate that the proposed method could achieve a high accuracy (more than 98%). Additionally, compared with a traditional entropy method, the proposed method still demonstrates better performance.


2019 ◽  
Vol 8 (2) ◽  
pp. 3488-3493

Wide Area Networks (WANs) are subjected to massive Denial of Service (DoS) attacks known as Distributed Denial of Service (DDoS) attacks. There are many distributed computing use cases in the real world. They include banking, insurance, e-Commerce and a host of other applications. In distributed environments, these applications are targeted by adversaries for launching DDoS attacks of various kinds. Such attacks cause the servers to be very busy answering fake traffic from the compromised nodes used by attackers from behind the scenes. A large number of computers on the Internet are compromised by attackers, and DDoS attacks are made through such machines. The server machines that provide services to genuine users become victims of such attacks. Detecting DDoS attacks is difficult in the presence of flash crowds that resemble DDoS traffic. As there are different kinds of DDoS attacks, it is understood, from the literature, that there is a need for further research to have a comprehensive framework for detecting different kinds of DDoS attacks. In this paper we proposed a hybrid approach for detecting various kinds of DDoS attacks, and a simulation study is made as a proof of concept. The results of the experiments revealed that the proposed methodology is useful to detect DDoS attacks in wide area networks.

