Discriminating DDoS Attacks from Flash Crowds Using Flow Correlation Coefficient

Yu, Shui; Zhou, Wanlei; Jia, Weijia; Guo, Song; Xiang, Yong; Tang, Feilong

doi:10.1109/tpds.2011.262

Cited by 182 publications

(89 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, an anomaly characteristic of low-rate DDoS attacks is that every single packet forwarded in the network is legitimate since the packet's head information fulfills all legal requirements of the network-transmission protocols; however, the intentional aggregation of these packets at victim hosts by attackers exhibits abnormal statistical deviations [12]. In addition, as the low-rate DDoS packets are purposely created by prebuilt programs, the features of these packets are highly similar [13,14]. These features must affect the natural patterns in the normal network, which are usually random due to the complexity and dynamics of the real network [8].…”

Section: Detection Algorithmmentioning

confidence: 99%

Low-Rate DDoS Attack Detection Using Expectation of Packet Size

Liao

Cao

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

Low-rate Distributed Denial-of-Service (low-rate DDoS) attacks are a new challenge to cyberspace, as the attackers send a large amount of attack packets similar to normal traffic, to throttle legitimate flows. In this paper, we propose a measurement-expectation of packet size-that is based on the distribution difference of the packet size to distinguish two typical low-rate DDoS attacks, the constant attack and the pulsing attack, from legitimate traffic. The experimental results, obtained using a series of real datasets with different times and different tolerance factors, are presented to demonstrate the effectiveness of the proposed measurement. In addition, extensive experiments are performed to show that the proposed measurement can detect the low-rate DDoS attacks not only in the short and long terms but also for low packet rates and high packet rates. Furthermore, the false-negative rates and the adjudication distance can be adjusted based on the detection sensitivity requirements.

show abstract

Section: Detection Algorithmmentioning

confidence: 99%

Low-Rate DDoS Attack Detection Using Expectation of Packet Size

Liao

Cao

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…DoS attacks & flash crowd attacks can both burden the server with their requests, but unlike DoS attacks which are legible malicious requests [7], flash attacks contains the rightful requests too. A flash is a supreme surge in traffic to a appropriate node in WSN introduce a effective increase in the load and putting stress on the node and its links, which may lead to failure of the complete path [13] [14].…”

Section: Relatedworkmentioning

confidence: 99%

Impact of Flash Crowd Attack in Online Retail Applications

Thrimurthi¹,

Adithya²,

Thandavamurthi³

et al. 2017

IJEACS

View full text Add to dashboard Cite

-Now days the usage of internet has been enormously increased. Online shopping has acquired widely in day today event. Mean which these online shopping is affected by various advanced network security attacks Flash Crowd Attack is the one of the advanced attack, where huge amount of dummy requests are sent at a time and thus putting lot of pressure on server machine and degrade the efficiency. Also authorized client can't receive the acknowledgement notification. We found that this attack might cause lot of problems to online buy user in the coming days. This paper depicts the minimization Flash Crowd Attack and discuses various issue of this attack.

show abstract

“…Yu et al [9] proposed an algorithm to discriminate DDoS attacks from flash crowds by evaluating the flow correlation coefficient among suspicious flows. A covariance matrix-based approach was designed in [10] to extract the multivariate correlation for sequential samples.…”

Section: Multivariate Correlation Analysis (Mca)mentioning

confidence: 99%