Two-Layer Approach for Mixed High-Rate and Low-Rate Distributed Denial of Service (DDoS) Attack Detection and Filtering
- 85 Downloads
Distributed denial of service (DDoS) attacks are one of the most important attacks due to reducing the performance of computer networks nowadays. In recent years, the number of devices connected to the internet has been increasing. These devices are not only computers, but also objects of everyday use. The concept of internet has accelerated the increase considerably. Therefore, many problems arise in terms of DDoS attacks. One of them is low-rate DDoS attacks. While high-rate DDoS attacks are often performed with computers, low-rate DDoS attacks can be easily performed by computers and internet-connected objects. Therefore, effective defense mechanism against both attacks must be developed. In this study, new approaches are proposed to filter mixed high-rate DDoS and low-rate DDoS attacks. The ns-2 simulation tool was used to evaluate the performance of the proposed methods. Experimental results show that the proposed methods are successfully filtered mixed DDoS attacks.
KeywordsNetwork-level security and protection Security Distributed denial of service attacks QoS Intrusion detection system
Unable to display preview. Download preview PDF.
- 5.Fouladi, R.F.; Kayatas, C.E.; Anarim, E.: Frequency based DDoS attack detection approach using naive Bayes classification, In: 2016 39th International Conference on Telecommunications and Signal Processing (TSP), pp. 104–107 (2016)Google Scholar
- 10.Bhuyan, M.H.; Kalwar, A.; Goswami, A.; Bhattacharyya, D.K.; Kalita, J.K.: Low-rate and high-rate distributed DoS attack detection using partial rank correlation. In: Proceedings of 2015 5th International Conference on Communications Systems and Network Technologies CSNT 2015, pp. 706–710 (2015)Google Scholar
- 12.Shin, S.; Kim, K.; Jang, J.: D-SAT: Detecting SYN flooding attack by two-stage statistical approach. In: Proceedings of International on Symposium on Applications and Internet, pp. 430–436 (2005)Google Scholar
- 16.Luo, J.; Yang, X.: The NewShrew attack: a new type of low-rate TCP-targeted DoS attack. In: IEEE International Conference on Communications (ICC), vol. 2014, pp. 713–718 (2014)Google Scholar
- 17.Chonka, A.; Singh, J.; Zhou, W.: Chaos theory based detection against network mimicking DDoS attacks. Communications 13(9), 717–719 (2009)Google Scholar
- 19.Tao, Y.; Yu, S.: DDoS attack detection at local area networks using information theoretical metrics. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pp. 233–240 (2013)Google Scholar