Table of Contents Author Guidelines Submit a Manuscript
Security and Communication Networks
Volume 2017 (2017), Article ID 3691629, 14 pages
https://doi.org/10.1155/2017/3691629
Research Article

Low-Rate DDoS Attack Detection Using Expectation of Packet Size

School of Mathematics and Computer Science, Wuhan Polytechnic University, Wuhan 430023, China

Correspondence should be addressed to Mingchao Liao

Received 7 May 2017; Revised 6 July 2017; Accepted 31 July 2017; Published 11 October 2017

Academic Editor: Huaizhi Li

Copyright © 2017 Lu Zhou et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. “Share of largest ddos attack defense combat in internet,” 2015, http://www.infoq.com/cn/presentations/share-of-internet-world-largest-ddos-attack-defense-combat.
  2. G. Carl, G. Kesidis, R. R. Brooks, and S. Rai, “Denial-of-service attack-detection techniques,” IEEE Internet Computing, vol. 10, no. 1, pp. 82–89, 2006. View at Publisher · View at Google Scholar · View at Scopus
  3. S. Yu, Y. Tian, S. Guo, and D. O. Wu, “Can we beat DDoS attacks in clouds?” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 9, pp. 2245–2254, 2014. View at Publisher · View at Google Scholar
  4. M. Sachdeva, K. Kumar, G. Singh, and K. Singh, “Performance analysis of web service under DDoS attacks,” in Proceedings of the 2009 IEEE International Advance Computing Conference, IACC 2009, pp. 1002–1007, March 2009. View at Publisher · View at Google Scholar · View at Scopus
  5. M. Sachdeva and K. Kumar, “A traffic cluster entropy based approach to distinguish DDoS attacks from flash event using DETER testbed,” ISRN Communications and Networking, vol. 2014, Article ID 259831, 15 pages, 2014. View at Publisher · View at Google Scholar · View at Scopus
  6. Y. Chen, S. Das, P. Dhar, A. El-Saddik, and A. Nayak, “Detecting and preventing ip-spoofed distributed dos attacks,” IJ Network Security, vol. 7, no. 1, pp. 69–80, 2008. View at Google Scholar
  7. W. Zhou, W. Jia, S. Wen, Y. Xiang, and W. Zhou, “Detection and defense of application-layer DDoS attacks in backbone web traffic,” Future Generation Computer Systems, vol. 38, pp. 36–46, 2014. View at Publisher · View at Google Scholar · View at Scopus
  8. Y. Xiang, K. Li, and W. Zhou, “Low-rate DDoS attacks detection and traceback by using new information metrics,” IEEE Transactions on Information Forensics and Security, vol. 6, no. 2, pp. 426–437, 2011. View at Publisher · View at Google Scholar
  9. H. Sun, J. C. S. Lu, and D. K. Y. Yau, “Defending against low-rate TCP attacks: Dynamic detection and protection,” in Proceedings of the 12th IEEE International Conference on Network Protocols, ICNP 2004, pp. 196–205, October 2004. View at Scopus
  10. A. Kuzmanovic and E. W. Knightly, “Low-rate TCP-targeted denial of service attacks,” in Proceedings of the the 2003 conference, p. 75, Karlsruhe, Germany, August 2003. View at Publisher · View at Google Scholar
  11. J. Luo, X. Yang, J. Wang, J. Xu, J. Sun, and K. Long, “On a mathematical model for low-rate shrew DDoS,” IEEE Transactions on Information Forensics and Security, vol. 9, no. 7, pp. 1069–1083, 2014. View at Publisher · View at Google Scholar · View at Scopus
  12. M. Sachdeva, K. Kumar, and G. Singh, “A comprehensive approach to discriminate DDoS attacks from flash events,” Journal of Information Security and Applications, vol. 26, pp. 8–22, 2016. View at Publisher · View at Google Scholar · View at Scopus
  13. S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, and F. Tang, “Discriminating DDoS attacks from flash crowds using flow correlation coefficient,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 6, pp. 1073–1080, 2012. View at Publisher · View at Google Scholar · View at Scopus
  14. S. Yu, W. Zhou, R. Doss, and W. Jia, “Traceback of DDoS attacks using entropy variations,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 3, pp. 412–425, 2012. View at Publisher · View at Google Scholar · View at Scopus
  15. F. Liu, X. Wu, W. Li, and X. Liu, “The packet size distribution patterns of the typical internet applications,” in Proceedings of the 3rd IEEE International Conference on Network Infrastructure and Digital Content, IC-NIDC 2012, pp. 325–332, September 2012. View at Publisher · View at Google Scholar · View at Scopus
  16. T. Thapngam, S. Yu, W. Zhou, and S. K. Makki, “Distributed Denial of Service (DDoS) detection by traffic pattern analysis,” Peer-to-Peer Networking and Applications, vol. 7, no. 4, pp. 346–358, 2014. View at Publisher · View at Google Scholar · View at Scopus
  17. “Wide-transit 100 megabit ethernet trace 2007-01-09,” 2007, http://imdc.datcat.org/collection/1-055M-0=WIDE-TRANSIT+100+Megabit+Ethernet+Trace+2007-01-09+.
  18. Widely Integrated Distributed Environment (Wide), http://www.wide.ad.jp/.
  19. “A day in the life of the internet,” http://www.caida.org/projects/ditl/.
  20. “Center for applied internet data analysis,” http://www.caida.org/data/passive/backscatter_dataset.xml.
  21. C. Zhang, Z. Cai, W. Chen, X. Luo, and J. Yin, “Flow level detection and filtering of low-rate DDoS,” Computer Networks, vol. 56, no. 15, pp. 3417–3431, 2012. View at Publisher · View at Google Scholar
  22. P. N.Jadhav and B. M. Patil, “Low-rate DDOS Attack Detection using Optimal Objective Entropy Method,” International Journal of Computer Applications, vol. 78, no. 3, pp. 33–38, 2013. View at Publisher · View at Google Scholar
  23. M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “E-LDAT: a lightweight system for DDoS flooding attack detection and IP traceback using extended entropy metric,” Security and Communication Networks, vol. 9, no. 16, pp. 3251–3270, 2016. View at Publisher · View at Google Scholar · View at Scopus
  24. P. Du and S. Abe, “IP packet size entropy-based scheme for detection of DoS/DDoS attacks,” IEICE Transaction on Information and Systems, vol. E91-D, no. 5, pp. 1274–1281, 2008. View at Publisher · View at Google Scholar · View at Scopus
  25. A. Shevtekar, K. Anantharam, and N. Ansari, “Low rate TCP denial-of-service attack detection at edge routers,” IEEE Communications Letters, vol. 9, no. 4, pp. 363–365, 2005. View at Publisher · View at Google Scholar · View at Scopus