Journal of Control Science and Engineering
Volume 2013, Article ID 821315, 6 pages
http://dx.doi.org/10.1155/2013/821315
Research Article

Real-Time Detection of Application-Layer DDoS Attack Using Time Series Analysis

School of Information Science and Engineering, Changzhou University, Changzhou 213164, China

Received 7 June 2013; Accepted 25 August 2013

Academic Editor: Xiaomei Qi

Copyright © 2013 Tongguang Ni et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. T. Thapngam, S. Yu, W. Zhou, and G. Beliakov, “Discriminating DDoS attack traffic from flash crowd through packet arrival patterns,” in Proceedings of the IEEE Conference on Computer Communications Workshops (INFOCOM '11), pp. 952–957, April 2011.
  2. G. Oikonomou and J. Mirkovic, “Modeling human behavior for defense against flash-crowd attacks,” in Proceedings of the IEEE International Conference on Communications (ICC '09), pp. 1–6, June 2009.
  3. H. Beitollahi and G. Deconinck, “Analyzing well-known countermeasures against distributed denial of service attacks,” Computer Communications, vol. 35, pp. 1312–1332, 2012.
  4. S. Ranjan, R. Swaminathan, M. Uysal, and E. Knightly, “DDoS-resilient scheduling to counter application layer attacks under imperfect detection,” in Proceedings of the 25th IEEE International Conference on Computer Communications (INFOCOM '06), pp. 1–13, April 2006.
  5. W. Yen and M.-F. Lee, “Defending application DDoS with constraint random request attacks,” in Proceedings of the Asia-Pacific Conference on Communications, pp. 620–624, Perth, Australia, October 2005.
  6. L. Von Ahn, M. Blum, and J. Langford, “Telling humans and computers apart automatically,” Communications of the ACM, vol. 47, no. 2, pp. 56–60, 2004.
  7. Y. Xie and S.-Z. Yu, “A large-scale hidden semi-Markov model for anomaly detection on user browsing behaviors,” IEEE/ACM Transactions on Networking, vol. 17, no. 1, pp. 54–65, 2009.
  8. Y. Xie, S. Tang, and X. Huang, “Detecting latent attack behavior from aggregated Web traffic,” Computer Communications, no. 5, pp. 895–907, 2013.
  9. J. Yu, C. Fang, L. Lu et al., “A lightweight mechanism to mitigate application layer DDoS attacks,” Scalable Information Systems, vol. 18, pp. 175–191, 2009.
  10. P. Du and A. Nakao, “OverCourt: DDoS mitigation through credit-based traffic segregation and path migration,” Computer Communications, vol. 33, no. 18, pp. 2164–2175, 2010.
  11. H. Beitollahi and G. Deconinck, “Tackling Application-layer DDoS Attacks,” Procedia Computer Science, vol. 10, pp. 432–441, 2012.
  12. Q.-D. Sun, D.-Y. Zhang, and P. Gao, “Detecting distributed denial of service attacks based on time series analysis,” Chinese Journal of Computers, vol. 28, no. 5, pp. 767–773, 2005.
  13. R. Yan, Q. Zheng, and H. Li, “Combining adaptive filtering and IF flows to detect DDOS attacks within a router,” KSII Transactions on Internet and Information Systems, vol. 4, no. 3, pp. 428–451, 2010.
  14. S. Wen, W. Jia, W. Zhou, W. Zhou, and C. Xu, “CALD: Surviving various application-layer DDoS attacks that mimic flash crowd,” in Proceedings of the 4th International Conference on Network and System Security (NSS '10), pp. 247–254, Victoria, Australia, September 2010.
  15. S. Haykin, Adaptive Filter Theory, Prentice-Hall, Upper Saddle River, NJ, USA, 3rd edition, 1996.
  16. J. Viinikka, H. Debar, L. Mé, A. Lehikoinen, and M. Tarvainen, “Processing intrusion detection alert aggregates with time series modeling,” Information Fusion, vol. 10, no. 4, pp. 312–324, 2009.
  17. J. Platt, “Sequential minimal optimization: a fast algorithm for training support vector machines,” Tech. Rep. MSR-TR-98-14, Microsoft Research, 1998.
  18. M. Arlitt and T. Jin, “1998 World Cup Web Site Access Logs,” 1998, http://ita.ee.lbl.gov/html/contrib/WorldCup.html.