Mathematical Problems in Engineering
Volume 2012 (2012), Article ID 860569, 12 pages
http://dx.doi.org/10.1155/2012/860569
Research Article

A Model to Partly but Reliably Distinguish DDOS Flood Traffic from Aggregated One

1School of Information Science & Technology, East China Normal University, No. 500, Dong-Chuan Road, Shanghai 200241, China
2Department of Computer and Information Science, University of Macau, Avenue Padre Tomas Pereira, Taipa, Macau SAR, China

Received 23 April 2011; Accepted 7 June 2011

Academic Editor: Shengyong Chen

Copyright © 2012 Ming Li and Wei Zhao. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. G. Coulouris, J. Dollimore, and T. Kindberg, Distributed Systems: Concepts and Design, Addison-Wesley, 3rd edition, 2001.
  2. K. Liston, “Intrusion Detection FAQ: Can You Explain Traffic Analysis and Anomaly Detection?” July 2004, http://www.sans.org/security-resources/idfaq/anomaly_detection.php.
  3. E. Schultz, “Intrusion prevention,” Computers & Security, vol. 23, no. 4, pp. 265–266, 2004.
  4. W. W. Streilein, D. J. Fried, and R. K. Cunningham, “Detecting flood-based denial-of-service attacks with SNMP/RMON,” in Proceedings of the Workshop on Statistical and Machine Learning Techniques in Computer Intrusion Detection, George Mason University, September 2003.
  5. J. Leach, “TBSE—an engineering approach to the design of accurate and reliable security systems,” Computers & Security, vol. 23, no. 1, pp. 22–28, 2004.
  6. S. H. Oh and W. S. Lee, “An anomaly intrusion detection method by clustering normal user behavior,” Computers & Security, vol. 22, no. 7, pp. 596–612, 2003.
  7. F. Gong, Deciphering Detection Techniques: Part III Denial of Service Detection, White Paper, McAfee Network Security Technologies Group, 2003.
  8. M. Li, “An approach to reliably identifying signs of DDOS flood attacks based on LRD traffic pattern recognition,” Computers & Security, vol. 23, no. 7, pp. 549–558, 2004.
  9. S. Sorensen, Competitive Overview of Statistical Anomaly Detection, White Paper, Juniper Networks, 2004, http://www.juniper.net.
  10. R. A. Kemmerer and G. Vigna, “Intrusion detection: a brief history and overview, supplement to computer,” IEEE Security & Privacy, vol. 35, no. 4, pp. 27–30, 2002.
  11. S. B. Cho and H. J. Park, “Efficient anomaly detection by modeling privilege flows using hidden Markov model,” Computers & Security, vol. 22, no. 1, pp. 45–55, 2003.
  12. S. Cho and S. Cha, “SAD: web session anomaly detection based on parameter estimation,” Computers & Security, vol. 23, no. 4, pp. 312–319, 2004.
  13. S. S. Kim, A. L. N. Reddy, and M. Vannucci, “Detecting traffic anomalies at the source through aggregate analysis of packet header data,” in Proceedings of the Networking, vol. 3042 of Lecture Notes in Computer Science, pp. 1047–1059, Springer, Athens, Greece, May 2004.
  14. B. Bencsath and I. Vajda, “Protection against DDoS attacks based on traffic level measurements,” in Proceedings of the International Symposium on Collaborative Technologies and Systems, W. W. Smari, Ed., William McQuay, 2004.
  15. L. Feinstein, D. Schnackenberg, R. Balupari, and D. Kindred, “Statistical approaches to DDoS attack detection and response,” in Proceedings of the DARPA Information Survivability Conference and Exposition, vol. 1, pp. 303–314, Washington, DC, USA, April 2003.
  16. R. Mahajan, S. Bellovin, S. Floyd, J. Ioannidis, V. Paxson, and S. Shenker, “Controlling high bandwidth aggregates in the network,” Computer Communication Review, vol. 32, no. 3, pp. 62–73, July 2002.
  17. J. B. D. Cabrera, B. Ravichandran, and R. K. Mehra, “Statistical modeling for network intrusion detection,” in Proceedings of the 8th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems, San Francisco, Calif, USA, August-September 2000.
  18. H. Michiel and K. Laevens, “Teletraffic engineering in a broad-band era,” Proceedings of the IEEE, vol. 85, no. 12, pp. 2007–2033, 1997.
  19. V. Paxson and S. Floyd, “Wide area traffic: the failure of Poisson modeling,” IEEE/ACM Transactions on Networking, vol. 3, no. 3, pp. 226–244, 1995.
  20. I. W. C. Lee and A. O. Fapojuwo, “Stochastic processes for computer network traffic modeling,” Computer Communications, vol. 29, no. 1, pp. 1–23, 2005.
  21. J. Beran, Statistics for Long-Memory Processes, Chapman and Hall, New York, NY, USA, 1994.
  22. M. Garetto and D. Towsley, “An efficient technique to analyze the impact of bursty TCP traffic in wide-area networks,” Performance Evaluation, vol. 65, no. 2, pp. 181–202, 2008.
  23. M. Li, “Change trend of averaged Hurst parameter of traffic under DDOS flood attacks,” Computers & Security, vol. 25, no. 3, pp. 213–220, 2006.
  24. H. G. Sun, Y. Q. Chen, and W. Chen, “Random-order fractional differential equation models,” Signal Processing, vol. 91, no. 3, pp. 525–530, 2011.
  25. A. Scherrer, N. Larrieu, P. Owezarski, P. Borgnat, and P. Abry, “Non-Gaussian and long memory statistical characterizations for internet traffic with anomalies,” IEEE Transactions on Dependable and Secure Computing, vol. 4, no. 1, pp. 56–70, 2007.
  26. R. Delgado, “A reflected fBm limit for fluid models with ON/OFF sources under heavy traffic,” Stochastic Processes and their Applications, vol. 117, no. 2, pp. 188–201, 2007.
  27. C. Cattani, “Harmonic wavelet approximation of random, fractal and high frequency signals,” Telecommunication Systems, vol. 43, no. 3-4, pp. 207–217, 2010.
  28. C. Cattani, “Fractals and hidden symmetries in DNA,” Mathematical Problems in Engineering, vol. 2010, Article ID 507056, 31 pages, 2010.
  29. E. G. Bakhoum and C. Toma, “Dynamical aspects of macroscopic and quantum transitions due to coherence function and time series events,” Mathematical Problems in Engineering, vol. 2010, Article ID 428903, 2010.
  30. M. Li and W. Zhao, “Representation of a stochastic traffic bound,” IEEE Transactions on Parallel and Distributed Systems, vol. 21, no. 9, pp. 1368–1372, 2010.
  31. C. S. Chang, “On deterministic traffic regulation and service guarantees: a systematic approach by filtering,” IEEE Transactions on Information Theory, vol. 44, no. 3, pp. 1097–1110, 1998.
  32. S. Q. Wang, D. Xuan, R. Bettati, and W. Zhao, “Providing absolute differentiated services for real-time applications in static-priority scheduling networks,” IEEE/ACM Transactions on Networking, vol. 12, no. 2, pp. 326–339, 2004.
  33. R. Cruz, “A calculus for network delay. II. Network analysis,” IEEE Transactions on Information Theory, vol. 37, no. 1, pp. 132–141, 1991.
  34. J. S. Bendat and A. G. Piersol, Random Data: Analysis and Measurement Procedure, John Wiley & Sons, 2nd edition, 1991.
  35. B. B. Mandelbrot, Gaussian Self-Affinity and Fractals, Springer, New York, NY, USA, 2002.
  36. Y. Q. Chen, R. Sun, and A. Zhou, “An improved Hurst parameter estimator based on fractional Fourier transform,” Telecommunication Systems, vol. 43, no. 3-4, pp. 197–206, 2010.
  37. H. Sheng, H. Sun, Y. Q. Chen, and T. Qiu, “Synthesis of multifractional Gaussian noises based on variable-order fractional operators,” Signal Processing, vol. 91, no. 7, pp. 1645–1650, 2011.
  38. S. Black, D. Black, M. Carlson, E. Davies, Z. Wang, and W. Weiss, “Architecture for differentiated services,” Tech. Rep. 2475, IETF, 1998.
  39. J. Chen, C. Hu, and Z. Ji, “An improved ARED algorithm for congestion control of network transmission,” Mathematical Problems in Engineering, vol. 2010, Article ID 329035, 2010.
  40. M. Dong, “A tutorial on nonlinear time-series data mining in engineering asset health and reliability prediction: concepts, models, and algorithms,” Mathematical Problems in Engineering, vol. 2010, Article ID 175936, 2010.
  41. M. Dong, “A novel approach to equipment health management based on auto-regressive hidden semi-Markov model (AR-HSMM),” Science in China, vol. 51, no. 9, pp. 1291–1304, 2008.
  42. Z. Liao, S. Hu, D. Sun, and W. Chen, “Enclosed Laplacian operator of nonlinear anisotropic diffusion to preserve singularities and delete isolated points in image smoothing,” Mathematical Problems in Engineering, vol. 2011, Article ID 749456, 15 pages, 2011.
  43. S. Hu, Z. Liao, D. Sun, and W. Chen, “A numerical method for preserving curve edges in nonlinear anisotropic smoothing,” Mathematical Problems in Engineering, vol. 2011, Article ID 186507, 14 pages, 2011.
  44. W. Mikhael and T. Yang, “A gradient-based optimum block adaptation ICA technique for interference suppression in highly dynamic communication channels,” Eurasip Journal on Applied Signal Processing, vol. 2006, Article ID 84057, 2006.
  45. S. Y. Chen, Y. F. Li, and J. W. Zhang, “Vision processing for realtime 3D data acquisition based on coded structured light,” IEEE Transactions on Image Processing, vol. 17, no. 2, pp. 167–176, 2008.
  46. D. She and X. Yang, “A new adaptive local linear prediction method and its application in hydrological time series,” Mathematical Problems in Engineering, vol. 2010, Article ID 205438, 2010.
  47. J. Chen, C. Hu, and Z. Ji, “Self-tuning random early detection algorithm to improve performance of network transmission,” Mathematical Problems in Engineering, vol. 2011, Article ID 872347, 17 pages, 2011.
  48. H. Dong, Z. Wang, D. W. C. Ho, and H. Gao, “Variance-constrained H filtering for a class of nonlinear time-varying systems with multiple missing measurements: the finite-horizon case,” IEEE Transactions on Signal Processing, vol. 58, no. 5, pp. 2534–2543, 2010.
  49. B. Shen, Z. Wang, and X. Liu, “Bounded H synchronization and state estimation for discrete time-varying stochastic complex networks over a finite horizon,” IEEE Transactions on Neural Networks, vol. 22, no. 1, pp. 145–157, 2010.