Chaos Theory Based Detection against Network Mimicking DDoS Attacks
MetadataShow full item record
DDoS attack traffic is difficult to differentiate from legitimate network traffic during transit from the attacker, or zombies, to the victim. In this paper, we use the theory of network self-similarity to differentiate DDoS flooding attack traffic from legitimate self-similar traffic in the network. We observed that DDoS traffic causes a strange attractor to develop in the pattern of network traffic. From this observation, we developed a neural network detector trained by our DDoS prediction algorithm. Our preliminary experiments and analysis indicate that our proposed chaotic model can accurately and effectively detect DDoS attack traffic. Our approach has the potential to not only detect attack traffic during transit, but to also filter it.
Copyright © 2009 IEEE This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
Showing items related by title, author, creator and subject.
Salem, Mohammed; Armstrong, Helen (2008)During a denial of service attack, it is difficult for a firewall to differentiate legitimate packets from rogue packets, particularly in large networks carrying substantial levels of traffic. Large networks commonly use ...
Potdar, Vidyasagar; Firoozeh, N.; Ridzuan, Farida; Like, Y.; Mukhopadhyay, D.; Tejani, D. (2012)Spam 2.0 (or Web 2.0 Spam) is referred to as spam content that is hosted on Web 2.0 applications (blogs, forums, social networks etc.). Such spam differs from traditional spam as this is targeted at Web 2.0 applications ...
Chan, King-Sun; Alam, Mohammad (2014)Wormhole attack is considered one of the most threatening security attacks for mobile ad hoc networks. In a wormhole attack, a tunnel is setup in advance between two colluders. The colluders record packets at one location ...