Table of Contents Author Guidelines Submit a Manuscript
Journal of Sensors
Volume 2015, Article ID 465402, 11 pages
http://dx.doi.org/10.1155/2015/465402
Research Article

Accurately Identifying New QoS Violation Driven by High-Distributed Low-Rate Denial of Service Attacks Based on Multiple Observed Features

1Department of Computer Science & Technology, Jilin University, Changchun 130012, China
2Key Laboratory of Symbol Computation and Knowledge Engineering of Ministry of Education, Jilin University, Changchun 130012, China
3Department of Software Engineering, Jilin University, Changchun 130012, China
4Department of EECS, University of Central Florida, Orlando, FL 32816, USA

Received 4 August 2014; Revised 24 November 2014; Accepted 8 December 2014

Academic Editor: Jun Zhang

Copyright © 2015 Jian Kang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. A. Kuzmanovic and E. W. Knightly, “Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants,” in Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, Karlsruhe, Germany, 2003.
  2. X. Luo and R. K. C. Chang, “On a new class of pulsing denial-of-service attacks and the defense,” in Proceedings of the Network and Distributed System Security Symposium (NDSS '05), San Diego, Calif, USA, 2005.
  3. M. Guirguis, A. Bestavros, and I. Matta, “Exploiting the transients of adaptation for RoQ attacks on internet resources,” in Proceedings of the 12th IEEE International Conference on Network Protocols (ICNP '04), pp. 184–195, Berlin, Germany, October 2004. View at Publisher · View at Google Scholar · View at Scopus
  4. M. Guirguis, A. Bestavros, I. Matta, and Y. Zhang, “Reduction of Quality (RoQ) attacks on Internet end-systems,” in Proceedings of the IEEE International Conference on Computer Communication (INFOCOM '05), pp. 1362–1372, Miami, Fla, USA, March 2005. View at Scopus
  5. Y. Chen and K. Hwang, “Collaborative detection and filtering of shrew DDoS attacks using spectral analysis,” Journal of Parallel and Distributed Computing, vol. 66, no. 9, pp. 1137–1151, 2006. View at Publisher · View at Google Scholar · View at Scopus
  6. G. Maciá-Fernández, J. E. Díaz-Verdejo, and P. García-Teodoro, “Mathematical model for low-rate dos attacks against application servers,” IEEE Transactions on Information Forensics and Security, vol. 4, no. 3, pp. 519–529, 2009. View at Publisher · View at Google Scholar · View at Scopus
  7. Y. X. He, T. Liu, Q. Cao et al., “A survey of low-rate denial-of-service attacks,” Journal of Frontiers of Computer Science & Technology, vol. 2, no. 1, pp. 1–17, 2008. View at Google Scholar
  8. Q. Zhu, Z. Yizhi, and X. Chuiyi, “Research and survey of low-rate denial of service attacks,” in Proceedings of the 13th International Conference on Advanced Communication Technology: Smart Service Innovation through Mobile Interactivity (ICACT '11), pp. 1195–1198, Gangwon-Do, Republic of Korea, February 2011. View at Scopus
  9. Z. J. Wu and B. S. Pei, “The detection of LDoS attack based on the model of small signal,” Acta Electronica Sinica, vol. 39, no. 6, pp. 1456–1460, 2011. View at Google Scholar · View at Scopus
  10. W. Zhi-Jun, Z. Hai-Tao, W. Ming-Hua, and P. Bao-Song, “MSABMS-based approach of detecting LDoS attack,” Computers & Security, vol. 31, no. 4, pp. 402–417, 2012. View at Publisher · View at Google Scholar · View at Scopus
  11. Z.-J. Wu, H.-L. Zeng, and M. Yue, “Approach of detecting LDoS attack based on time window statistic,” Journal on Communications, vol. 31, no. 12, pp. 55–62, 2010. View at Google Scholar · View at Scopus
  12. C.-W. Zhang, J.-P. Yin, Z.-P. Cai, and W.-F. Chen, “RRED: robust RED algorithm to counter low-rate denial-of-service attacks,” IEEE Communications Letters, vol. 14, no. 5, pp. 489–491, 2010. View at Publisher · View at Google Scholar · View at Scopus
  13. C. Yu, H. Kai, and Y.-K. Kwok, “Collaborative defense against periodic shrew DDoS attacks in frequency domain,” ACM Transactions on Information and System Security, pp. 2–27, 2005. View at Google Scholar
  14. D. Liu, Research on LDoS attack in soft-switch network [M.S. thesis], Communication and Information Engineering, 2013.
  15. A. Shevtekar, K. Anantharam, and N. Ansari, “Low rate TCP denial-of-service attack detection at edge routers,” IEEE Communications Letters, vol. 9, no. 4, pp. 363–365, 2005. View at Publisher · View at Google Scholar · View at Scopus
  16. K. Chen, H. Y. Liu, and X. S. Chen, “Detecting LDoS attacks based on abnormal network traffic,” KSII Transactions on Internet and Information Systems, vol. 6, no. 7, pp. 1831–1853, 2012. View at Publisher · View at Google Scholar · View at Scopus
  17. K. Chen, H. Liu, and X. Chen, “EBDT: a method for detecting LDoS attack,” in Proceedings of the IEEE International Conference on Information and Automation (ICIA '12), pp. 911–916, Shenyang, China, June 2012. View at Publisher · View at Google Scholar · View at Scopus
  18. D. Tang, K. Chen, X. Chen, H. Y. Liu, and X. Li, “Adaptive EWMA Method based on abnormal network traffic for LDoS attacks,” Mathematical Problems in Engineering, vol. 2014, Article ID 496376, 11 pages, 2014. View at Publisher · View at Google Scholar
  19. M. Yu, “An adaptive method for source-end detection of pulsing DoS attacks,” International Journal of Security and its Applications, vol. 7, no. 5, pp. 279–288, 2013. View at Publisher · View at Google Scholar · View at Scopus
  20. Y. Xiang, K. Li, and W. Zhou, “Low-rate DDoS attacks detection and traceback by using new information metrics,” IEEE Transactions on Information Forensics and Security, vol. 6, no. 2, pp. 426–437, 2011. View at Publisher · View at Google Scholar · View at Scopus
  21. Z. Zeng, J. Tu, B. Pianfetti et al., “Audio-visual affect recognition through Multi-stream Fused HMM for HCI,” in Proceedings of the IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR '05), pp. 967–972, San Diego, Calif, USA, June 2005. View at Publisher · View at Google Scholar · View at Scopus
  22. H. Pan, S. E. Levinson, T. S. Huang, and Z.-P. Liang, “A fused hidden Markov model with application to bimodal speech processing,” IEEE Transactions on Signal Processing, vol. 52, no. 3, pp. 573–581, 2004. View at Publisher · View at Google Scholar · View at MathSciNet · View at Scopus
  23. M. Brand, N. Oliver, and A. Pentland, “Coupled hidden Markov models for complex action recognition,” in Proceedings of the IEEE Computer Society Conference on Computer Vision and Pattern Recognition, pp. 994–999, San Juan, Puerto Rico, June 1997. View at Scopus
  24. L. K. Saul and M. I. Jordan, “Mixed memory Markov models: decomposing complex stochastic processes as mixtures of simpler ones,” Machine Learning, vol. 37, no. 1, pp. 75–87, 1999. View at Publisher · View at Google Scholar · View at Scopus
  25. L. R. Rabiner, “Tutorial on hidden Markov models and selected applications in speech recognition,” Proceedings of the IEEE, vol. 77, no. 2, pp. 257–286, 1989. View at Publisher · View at Google Scholar · View at Scopus
  26. D. Zhou, H. Zhang, S. Zhang, and X. Hu, “DDoS attack detection method based on hidden Markov model,” Computer Research and Development, vol. 42, no. 9, pp. 1594–1599, 2005. View at Publisher · View at Google Scholar · View at Scopus
  27. Z.-J. Wu and D. Zhang, “Attack simulation and signature extraction of low-rate DDoS,” Tongxin Xuebao/Journal on Communications, vol. 29, no. 1, pp. 71–76, 2008. View at Google Scholar · View at Scopus
  28. H.-P. Hu, J. Zhang, B. Liu, L. Chen, and X. Chen, “Simulation and analysis of distributed low-rate denial-of-service attacks,” in Proceedings of the 5th International Conference on Computer Sciences and Convergence Information Technology (ICCIT '10), pp. 620–626, IEEE, Seoul, Republic of Korea, December 2010. View at Publisher · View at Google Scholar · View at Scopus
  29. J. Zhang, H.-P. Hu, B. Liu, and F.-T. Xiao, “Detecting LDoS attack based on ASPQ,” Journal on Communications, vol. 33, no. 5, pp. 79–84, 2012. View at Google Scholar · View at Scopus
  30. P. D. Welch, “The use of the fast Fourier transform for estimation of spectra: a method based on time averaging over short, modified periodograms,” IEEE Transactions on Audio and Electroacoustics, vol. 15, no. 2, pp. 70–74, 1967. View at Publisher · View at Google Scholar
  31. H. C. So, Y. T. Chan, Q. Ma, and P. C. Ching, “Comparison of various periodograms for sinusoid detection and frequency estimation,” IEEE Transactions on Aerospace and Electronic Systems, vol. 35, no. 3, pp. 945–952, 1999. View at Publisher · View at Google Scholar · View at Scopus
  32. J. Mirkovic and P. Reiher, “D-WARD: a source-end defense against flooding denial-of-service attacks,” IEEE Transactions on Dependable and Secure Computing, vol. 2, no. 3, pp. 216–232, 2005. View at Publisher · View at Google Scholar · View at Scopus
  33. S. Kasera, J. Pinheiro, C. Loader, M. Karaul, A. Hari, and T. LaPorta, “Fast and robust signaling overload control,” in Proceedings of the 9th International Conference on Network Protocols (ICNP '01), pp. 323–331, Riverside, Calif, USA, November 2001. View at Scopus
  34. J. Francois, S. Wang, R. State et al., “BotTrack: tracking botnets using NetFlow and PageRank,” in NETWORKING 2011, vol. 6640 of Lecture Notes in Computer Science, pp. 1–14, Springer, Berlin, Germany, 2011. View at Publisher · View at Google Scholar
  35. H. L. Jiang, X. L. Shao, and Y. F. Li, “Online botnet detection algorithm using MapReduce,” Journal of Electronics and Information Technology, vol. 35, no. 7, pp. 1732–1738, 2013. View at Publisher · View at Google Scholar · View at Scopus
  36. S. Nagaraja, P. Mittal, C. Hong et al., “BotGrep: finding P2P bots with structured graph analysis,” in Proceedings of the 19th USENIX Conference on Security, Washington, DC, USA, 2010.