By Topic

A Heuristic DDoS Flooding Attack Detection Mechanism Analyses based on the Relationship between Input and Output Traffic Volumes

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Zhang Fengxiang ; Graduate Univ. for Adv. Studies, Tokyo ; Abe, S.

Nowadays various kinds of anomalies are prohibiting the widely used Internet from offering normal services. Within them a novel anomaly is caused by bandwidth attacks. To defense these threats many detecting schemes are essentially based on unidirectional checking of traffic changes. When legitimately abrupt changes appear, they might result in false alarms. In this paper we consider the problem from the bidirectional-traffic view and analyze the traffic characteristics by checking the input/output traffic characteristics of the protected network node. We have analyzed the relationship between input and output traffic volume pairs in the simulation traffic and studied them both under normal and abnormal cases. Based on these analyses, we've proposed a heuristic DDoS flooding attack detection method and showed a verifying simulation as well.

Published in:

Computer Communications and Networks, 2007. ICCCN 2007. Proceedings of 16th International Conference on

Date of Conference:

13-16 Aug. 2007