Change-Point Cloud DDoS Detection using Packet Inter-Arrival Time

被引：0

作者：

Osanaiye, Opeyemi ^{[1
,2
]}

Choo, Kim-Kwang Raymond ^{[2
]}

Dlodlo, Mqhele ^{[1
]}

机构：

[1] Univ Cape Town, Dept Elect Engn, Rondebosch, South Africa

[2] Univ South Australia, Informat Assurance Res Grp, Adelaide, SA 5095, Australia

来源：

2016 8TH COMPUTER SCIENCE AND ELECTRONIC ENGINEERING CONFERENCE (CEEC) | 2016年

关键词：

DDoS attacks; Cloud DDoS; Change-point; CUSUM; Inter-arrival time; Traffic flow; CLASSIFICATION;

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Notwithstanding the increased popularity of cloud computing, Distributed Denial of Service (DDoS) remains a threat to its adoption. In this paper, we propose the use of a change-point monitoring algorithm to detect DDoS flooding attacks against cloud services by examining the packet inter-arrival time (IAT). This method leverages on the fact that most DDoS attacks are automated and exhibit similar patterns. These patterns, when closely examined, can be distinguished from normal traffic patterns, and can therefore be tracked using a cumulative sum (CUSUM) algorithm. The proposed solution was validated by conducting a trace- driven simulation and empirical evaluation. The results demonstrated the efficiency and accuracy of this proposed solution.

引用

页码：204 / 209

页数：6

共 30 条

[1] [Anonymous], 2000, Change-point Analyzer 2.0 Shareware Program
[2] [Anonymous], COMPUTER J
[3] [Anonymous], 1992, BREAKTHROUGHS STAT
[4] A novel intrusion severity analysis approach for Clouds
Arshad, Junaid
Townend, Paul
Xu, Jie
[J]. FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF GRID COMPUTING AND ESCIENCE, 2013, 29 (01): : 416 - 428
[5] On the TCP Flow Inter-arrival Times Distribution
Arshadi, Laleh
Jahangir, Amir Hossein
[J]. UKSIM FIFTH EUROPEAN MODELLING SYMPOSIUM ON COMPUTER MODELLING AND SIMULATION (EMS 2011), 2011, : 360 - 365
[6] CAIDA, 2000, DDOS ATT 2007 DAT
[7] Choo K.K.R., 2010, TRENDS ISSUES CRIME, V386, P1
[8] The cyber threat landscape: Challenges and future research directions
Choo, Kim-Kwang Raymond
[J]. COMPUTERS & SECURITY, 2011, 30 (08) : 719 - 731
[9] A cusum change-point detection algorithm for non-stationary sequences with application to data network surveillance
De Oca, Veronica Montes
Jeske, Daniel R.
Zhang, Qi
Rendon, Carlos
Marvasti, Mazda
[J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2010, 83 (07) : 1288 - 1297
[10] Anomaly-based intrusion detection of jamming attacks, local versus collaborative detection
Fragkiadakis, Alexandros G.
Siris, Vasilios A.
Petroulakis, Nikolaos E.
Traganitis, Apostolos P.
[J]. WIRELESS COMMUNICATIONS & MOBILE COMPUTING, 2015, 15 (02) : 276 - 294

← 1 2 3 →