Skip to Main Content
Threat of Distributed Denial of Service (DDoS) attacks has been increasing with growth of computer and network infrastructures. DDoS attacks generating mass traffics make network bandwidth and/or system resources depleted. Therefore, it is significant to detect DDoS attacks in early stage. Our previous approach used a traffic matrix to detect DDoS attack. However, it is hard to tune up the parameters of the matrix including (i) size of traffic matrix, (ii) packet based window size, and (iii) threshold value of variance from packets information with respect to various monitoring environments and DDoS attacks. In this paper, we propose an enhanced DDoS attacks detection approach which (i) improves the traffic matrix building operation and (ii) optimizes the parameters of the traffic matrix using Genetic Algorithm (GA). We perform experiments with DARPA 2000 dataset and LBL-PKT-4 dataset of Lawrence Berkeley Laboratory to show its performance in terms of detection accuracy and speed.
Date of Conference: June 30 2011-July 2 2011