
Detection of Flooding Attacks Using Multivariate Analysis

  • Priyanka Meel
  • Tanmay Singh
Conference paper
Part of the Lecture Notes on Data Engineering and Communications Technologies book series (LNDECT, volume 49)

Abstract

In this paper, we propose a multivariate statistical analysis method, namely Hotelling's T² method, for the analysis of common network flooding attacks. The method analyses the behavior of system resources and network protocols and builds a baseline profile for normal operation. We validated the proposed mechanism by carrying out flooding attacks on a wired network with Windows. We generated attack packets in code, sent them to a host machine, analyzed them using Wireshark, and used a multivariate statistical method to test for the attack. The method effectively differentiates between normal and attack traffic and raises an alert in case of any abnormality in behavior.

Keywords

Abnormality distance metric; Anomaly detection; Multivariate statistical analysis
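
Hotelling's T² scores an observation x against a baseline mean μ and covariance S as T² = (x − μ)ᵀ S⁻¹ (x − μ). The following is an added example, not the paper's code, that builds such a baseline and flags intervals that deviate from it; the three features, all sample values and the empirical control limit are constructed assumptions.

```python
# Added example: Hotelling's T^2 anomaly score over per-interval traffic features.
# Feature choice (packets/s, SYN/s, CPU %) and all sample values are constructed
# assumptions, not taken from the paper.
from statistics import mean

def fit_baseline(rows):
    """Return (mean vector, sample covariance matrix) of normal-traffic rows."""
    n, p = len(rows), len(rows[0])
    mu = [mean(r[j] for r in rows) for j in range(p)]
    cov = [[sum((r[i] - mu[i]) * (r[j] - mu[j]) for r in rows) / (n - 1)
            for j in range(p)] for i in range(p)]
    return mu, cov

def solve(a, b):
    """Solve a*x = b by Gaussian elimination with partial pivoting."""
    n = len(b)
    m = [row[:] + [b[i]] for i, row in enumerate(a)]
    for c in range(n):
        piv = max(range(c, n), key=lambda r: abs(m[r][c]))
        if abs(m[piv][c]) < 1e-12:
            raise ValueError("singular covariance: features are collinear or constant")
        m[c], m[piv] = m[piv], m[c]
        for r in range(c + 1, n):
            f = m[r][c] / m[c][c]
            for k in range(c, n + 1):
                m[r][k] -= f * m[c][k]
    x = [0.0] * n
    for r in reversed(range(n)):
        x[r] = (m[r][n] - sum(m[r][k] * x[k] for k in range(r + 1, n))) / m[r][r]
    return x

def t2(x, mu, cov):
    """T^2 = (x - mu)^T S^-1 (x - mu): squared distance from the baseline."""
    d = [xi - mi for xi, mi in zip(x, mu)]
    return sum(di * si for di, si in zip(d, solve(cov, d)))

def threshold(rows, mu, cov, margin=1.5):
    """Empirical control limit: margin times the largest baseline T^2 (assumption)."""
    return margin * max(t2(r, mu, cov) for r in rows)

# Constructed baseline: [packets/s, SYN/s, CPU %] per interval of normal operation.
NORMAL = [[120, 10, 22], [135, 12, 25], [110, 9, 20], [150, 14, 27],
          [128, 11, 24], [142, 12, 25], [117, 10, 23], [131, 13, 24]]
MU, COV = fit_baseline(NORMAL)
LIMIT = threshold(NORMAL, MU, COV)

def is_attack(x):
    return t2(x, MU, COV) > LIMIT
```

Because the score uses the covariance, an interval whose SYN rate is out of proportion to its packet rate is flagged even when the packet rate alone looks normal.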


Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. Department of Information Technology, Delhi Technological University, New Delhi, India
