DDoS Attacks Detection by Means of Statistical Models

In this article we present a network traffic DDoS attacks detectionmethod based on modeling the variability with the use of conditional average and variance in examined time series. Variability predictions of the analyzed network traffic are realized by estimated statistical models ARFIMA and FIGARCH. We propose simple parameter estimation models with the use of maximum likelihood function. The choice of sparingly parameterized form of the models is realized by means of information criteria representing a compromise between brevity of representation and the size of the prediction error. In the described method we propose using statistical relations between predicted and analyzed network traffic in order to detect abnormal behavior possibly being a result of a network attack. Performed experiments confirmed effectiveness of the analyzed method and cogency of the statistical models. abstract environment.