Real-time DDoS attack detection using FPGA

被引:57
作者
Hoque, N. [1 ]
Kashyap, H. [2 ]
Bhattacharyya, D. K. [1 ]
机构
[1] Tezpur Univ Napaam, Dept Comp Sci & Engn, Tezpur 784028, Assam, India
[2] Univ Calif Irvine, Dept Comp Sci, Donald Bren Sch Informat & Comp Sci, 3019 Donald Bren Hall, Irvine, CA 92697 USA
来源
COMPUTER COMMUNICATIONS | 2017年 / 110卷
关键词
DDoS attack detection; FPGA; Correlation measure; FEATURE-SELECTION; ANOMALY DETECTION; ENSEMBLE;
D O I
10.1016/j.comcom.2017.05.015
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
A real-time DDoS attack detection method should identify attacks with low computational overhead. Although a large number of statistical methods have been designed for DDoS attack detection, real-time statistical solution to detect DDoS attacks in hardware is only a few. In this paper, a real-time DDoS detection method is proposed that uses a novel correlation measure to identify DDoS attacks. Effectiveness of the method is evaluated with three network datasets, viz., CAIDA DDoS 2007, MIT DARPA, and TUIDS. Further, the proposed method is implemented on an FPGA to analyze its performance. The method yields high detection accuracy and the FPGA implementation requires less than one microsecond to identify an attack. (C) 2017 Elsevier B.V. All rights reserved.
引用
收藏
页码:48 / 58
页数:11
相关论文
共 30 条
[1]  
Abdi H., 2007, Encyclopedia of measurement and statistics, P508, DOI DOI 10.4135/9781412952644.N239
[2]   Shifting-and-Scaling Correlation Based Biclustering Algorithm [J].
Ahmed, Hasin Afzal ;
Mahanta, Priyakshi ;
Bhattacharyya, Dhruba Kumar ;
Kalita, Jugal Kumar .
IEEE-ACM TRANSACTIONS ON COMPUTATIONAL BIOLOGY AND BIOINFORMATICS, 2014, 11 (06) :1239-1252
[3]   Multivariate online anomaly detection using kernel recursive least squares [J].
Ahmed, Tarem ;
Coates, Mark ;
Lakhina, Anukool .
INFOCOM 2007, VOLS 1-5, 2007, :625-+
[4]  
[Anonymous], 2003, NOVEL ANOMALY DETECT
[5]  
[Anonymous], 2014, TECHNICAL REPORT
[6]   Chaos Theory Based Detection against Network Mimicking DDoS Attacks [J].
Chonka, Ashley ;
Singh, Jaipal ;
Zhou, Wanlei .
IEEE COMMUNICATIONS LETTERS, 2009, 13 (09) :717-719
[7]   Statistical approaches to DDoS attack detection and response [J].
Feinstein, L ;
Schnackenberg, D ;
Balupari, R ;
Kindred, D .
DARPA INFORMATION SURVIVABILITY CONFERENCE AND EXPOSITION, VOL I, PROCEEDINGS, 2003, :303-314
[8]   Research on collaborative negotiation for e-commerce. [J].
Feng, YQ ;
Lei, Y ;
Li, Y ;
Cao, RZ .
2003 INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND CYBERNETICS, VOLS 1-5, PROCEEDINGS, 2003, :2085-2088
[9]  
Giseop No, 2009, 2009 9th International Symposium on Communications and Information Technology. ISCIT 2009, P1223, DOI 10.1109/ISCIT.2009.5341118
[10]  
Gogoi P, 2012, COMM COM INF SC, V306, P322
123