Detecting DDoS attack based on compensation non-parameter CUSUM algorithm
An effective DDoS attack detection method on target-end network was proposed.The main goal was to detect attack in early stages with few expenditure,and record the suspicious packets in the same time.For DDoS attacks which based on TCP,many unacknowledged segments will be observed in victim end.In e...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2008-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/74655919/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | An effective DDoS attack detection method on target-end network was proposed.The main goal was to detect attack in early stages with few expenditure,and record the suspicious packets in the same time.For DDoS attacks which based on TCP,many unacknowledged segments will be observed in victim end.In every time period ? t,calculated the ratio of the number of unacknowledged segments and the number of all segments.Then,the statistical sequence based on time came into being.After that,an improved non-parameter recursive CUSUM algorithm was used to detect attack effi-ciently on line.In this procedure,the suspicious packets were also recorded.Experiments prove that this algorithm is fast and efficient.It has low false-positive rate and could adapt to more complex network environments.In addition,it is helpful to attack analysis and tracing. |
|---|---|
| ISSN: | 1000-436X |