Detecting DDoS attack based on compensation non-parameter CUSUM algorithm
An effective DDoS attack detection method on target-end network was proposed.The main goal was to detect attack in early stages with few expenditure,and record the suspicious packets in the same time.For DDoS attacks which based on TCP,many unacknowledged segments will be observed in victim end.In e...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2008-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/74655919/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841537584703995904 |
|---|---|
| author | YAN Fen1~3 CHEN Yi-qun3 HUANG Hao1 YIN Xin-chun3 |
| author_facet | YAN Fen1~3 CHEN Yi-qun3 HUANG Hao1 YIN Xin-chun3 |
| author_sort | YAN Fen1~3 |
| collection | DOAJ |
| description | An effective DDoS attack detection method on target-end network was proposed.The main goal was to detect attack in early stages with few expenditure,and record the suspicious packets in the same time.For DDoS attacks which based on TCP,many unacknowledged segments will be observed in victim end.In every time period ? t,calculated the ratio of the number of unacknowledged segments and the number of all segments.Then,the statistical sequence based on time came into being.After that,an improved non-parameter recursive CUSUM algorithm was used to detect attack effi-ciently on line.In this procedure,the suspicious packets were also recorded.Experiments prove that this algorithm is fast and efficient.It has low false-positive rate and could adapt to more complex network environments.In addition,it is helpful to attack analysis and tracing. |
| format | Article |
| id | doaj-art-f91949df66f14a4ca0e319307094d7b3 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2008-01-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-f91949df66f14a4ca0e319307094d7b32025-01-14T08:32:33ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2008-01-0112613274655919Detecting DDoS attack based on compensation non-parameter CUSUM algorithmYAN Fen1~3CHEN Yi-qun3HUANG Hao1YIN Xin-chun3An effective DDoS attack detection method on target-end network was proposed.The main goal was to detect attack in early stages with few expenditure,and record the suspicious packets in the same time.For DDoS attacks which based on TCP,many unacknowledged segments will be observed in victim end.In every time period ? t,calculated the ratio of the number of unacknowledged segments and the number of all segments.Then,the statistical sequence based on time came into being.After that,an improved non-parameter recursive CUSUM algorithm was used to detect attack effi-ciently on line.In this procedure,the suspicious packets were also recorded.Experiments prove that this algorithm is fast and efficient.It has low false-positive rate and could adapt to more complex network environments.In addition,it is helpful to attack analysis and tracing.http://www.joconline.com.cn/zh/article/74655919/information securityDDoSnon-parameter CUSUM algorithmattack detectionTCPunacknowledged segments |
| spellingShingle | YAN Fen1~3 CHEN Yi-qun3 HUANG Hao1 YIN Xin-chun3 Detecting DDoS attack based on compensation non-parameter CUSUM algorithm Tongxin xuebao information security DDoS non-parameter CUSUM algorithm attack detection TCP unacknowledged segments |
| title | Detecting DDoS attack based on compensation non-parameter CUSUM algorithm |
| title_full | Detecting DDoS attack based on compensation non-parameter CUSUM algorithm |
| title_fullStr | Detecting DDoS attack based on compensation non-parameter CUSUM algorithm |
| title_full_unstemmed | Detecting DDoS attack based on compensation non-parameter CUSUM algorithm |
| title_short | Detecting DDoS attack based on compensation non-parameter CUSUM algorithm |
| title_sort | detecting ddos attack based on compensation non parameter cusum algorithm |
| topic | information security DDoS non-parameter CUSUM algorithm attack detection TCP unacknowledged segments |
| url | http://www.joconline.com.cn/zh/article/74655919/ |
| work_keys_str_mv | AT yanfen13 detectingddosattackbasedoncompensationnonparametercusumalgorithm AT chenyiqun3 detectingddosattackbasedoncompensationnonparametercusumalgorithm AT huanghao1 detectingddosattackbasedoncompensationnonparametercusumalgorithm AT yinxinchun3 detectingddosattackbasedoncompensationnonparametercusumalgorithm |