Abstract
Distributed denial of service (DDoS) attacks are one of the most important attacks due to reducing the performance of computer networks nowadays. In recent years, the number of devices connected to the internet has been increasing. These devices are not only computers, but also objects of everyday use. The concept of internet has accelerated the increase considerably. Therefore, many problems arise in terms of DDoS attacks. One of them is low-rate DDoS attacks. While high-rate DDoS attacks are often performed with computers, low-rate DDoS attacks can be easily performed by computers and internet-connected objects. Therefore, effective defense mechanism against both attacks must be developed. In this study, new approaches are proposed to filter mixed high-rate DDoS and low-rate DDoS attacks. The ns-2 simulation tool was used to evaluate the performance of the proposed methods. Experimental results show that the proposed methods are successfully filtered mixed DDoS attacks.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Gui, L.; Zhou, Y.; Xu, R.; He, Y.; Lu, Q.: Learning representations from heterogeneous network for sentiment classification of product reviews. Knowl. Based Syst. 124, 34–45 (2017)
Zhi-Jun, W.; Hai-Tao, Z.; Ming-Hua, W.; Bao-Song, P.: MSABMS-based approach of detecting LDoS attack. Comput. Secur. 31(4), 402–417 (2012)
Ding, K.; Li, Y.; Quevedo, D.E.; Dey, S.; Shi, L.: A multi-channel transmission schedule for remote state estimation under DoS attacks. Automatica 78, 194–201 (2017)
Bhuyan, M.H.; Bhattacharyya, D.K.; Kalita, J.K.: An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection. Pattern Recognit. Lett. 51, 1–7 (2015)
Fouladi, R.F.; Kayatas, C.E.; Anarim, E.: Frequency based DDoS attack detection approach using naive Bayes classification, In: 2016 39th International Conference on Telecommunications and Signal Processing (TSP), pp. 104–107 (2016)
Chen, Y.; Hwang, K.: Collaborative detection and filtering of shrew DDoS attacks using spectral analysis. J. Parallel Distrib. Comput. 66(9), 1137–1151 (2006)
Zhang, C.; Cai, Z.; Chen, W.; Luo, X.; Yin, J.: Flow level detection and filtering of low-rate DDoS. Comput. Netw. 56(15), 3417–3431 (2012)
Şimşek, M.: A new metric for flow-level filtering of low-rate DDoS attacks. Secur. Commun. Netw. 8(18), 3815–3825 (2015)
Mirkovic, J.; Reiher, P.: D-WARD: a source-end defense against flooding denial-of-service attacks. IEEE Trans. Dependable Secur. Comput. 2(3), 216–232 (2005)
Bhuyan, M.H.; Kalwar, A.; Goswami, A.; Bhattacharyya, D.K.; Kalita, J.K.: Low-rate and high-rate distributed DoS attack detection using partial rank correlation. In: Proceedings of 2015 5th International Conference on Communications Systems and Network Technologies CSNT 2015, pp. 706–710 (2015)
Wu, Z.J.; Lei, J.; Yao, D.; Wang, M.H.; Musa, S.M.: Chaos-based detection of LDoS att acks. J. Syst. Softw. 86(1), 211–221 (2013)
Shin, S.; Kim, K.; Jang, J.: D-SAT: Detecting SYN flooding attack by two-stage statistical approach. In: Proceedings of International on Symposium on Applications and Internet, pp. 430–436 (2005)
Luo, J.; Yang, X.; Wang, J.; Xu, J.; Sun, J.; Long, K.: On a mathematical model for low-rate shrew DDoS. IEEE Trans. Inf. Forensics Secur. 9(7), 1069–1083 (2014)
Li, H.; Zhu, J.; Wang, Q.; Zhou, T.; Qiu, H.; Li, H.: LAAEM: a method to enhance LDoS attack. IEEE Commun. Lett. 20(4), 708–711 (2016)
Yue, M.; Wu, Z.; Wang, M.: A new exploration of FB-shrew attack. IEEE Commun. Lett. 20(10), 1987–1990 (2016)
Luo, J.; Yang, X.: The NewShrew attack: a new type of low-rate TCP-targeted DoS attack. In: IEEE International Conference on Communications (ICC), vol. 2014, pp. 713–718 (2014)
Chonka, A.; Singh, J.; Zhou, W.: Chaos theory based detection against network mimicking DDoS attacks. Communications 13(9), 717–719 (2009)
François, J.; Aib, I.; Boutaba, R.: FireCol: A collaborative protection network for the detection of flooding DDoS attacks. IEEE/ACM Trans Netw (TON) 20(6), 1828–1841 (2012)
Tao, Y.; Yu, S.: DDoS attack detection at local area networks using information theoretical metrics. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pp. 233–240 (2013)
Ma, X.; Chen, Y.: DDoS detection method based on chaos analysis of network traffic entropy. IEEE Commun. Lett. 18(1), 114–117 (2014)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Toklu, S., Şimşek, M. Two-Layer Approach for Mixed High-Rate and Low-Rate Distributed Denial of Service (DDoS) Attack Detection and Filtering. Arab J Sci Eng 43, 7923–7931 (2018). https://doi.org/10.1007/s13369-018-3236-9
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13369-018-3236-9