Using a History-based Profile to Detect and Respond to DDoS Attacks

Negar Mosharraf; Anura P. Jayasumana; Indrakshi Ray

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Using a History-based Profile to Detect and Respond to DDoS Attacks

Topics: Intrusion Detection & Prevention; Network Security; Security Engineering; Security in Distributed Systems

In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 0ICETE, 175-186, 2017 , Madrid, Spain

Authors: Negar Mosharraf ; Anura P. Jayasumana and Indrakshi Ray

Affiliation: Colorado State University, United States

Keyword(s): Distributed Denials of Service Attack, Flooding Attack, Network Security, Bloom Filter.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Intrusion Detection & Prevention ; Network Security ; Security Engineering ; Security in Distributed Systems ; Security in Information Systems ; Wireless Network Security

Abstract: Distributed Denial-of-Service (DDoS) attack has been identified among the most serious threat to service availability on the Internet. It prevents legitimate users from accessing the victim node by flooding and consuming network resources. In order to combat such attacks, a distributed defense mechanism is needed that will thwart the attack traffic in real time. We propose one such mechanism that when deployed is able to filter out malicious and allow legitimate traffic to the extent possible during the attack period. We characterize the network traffic and introduce a new history-based profile algorithm that filters potential attack traffic and aims to maximize the flow of legitimate traffic in the event of an attack. We investigate the features of network traffic that can be used to do such filtration. We use a Bloom filter based mechanism to efficiently implement the history-based profile model which serves to reduce the communication and computation costs. We evaluate our scheme using simulations on recent real-world traffic datasets. The experimental results demonstrate the effectiveness of our scheme. In order to improve communication and computation costs even further, we propose using three octets of the IP address instead of the whole address. We also demonstrate how using three octets of IP address impacts the accuracy, efficiency, and memory requirement of the filtering mechanism. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 52.15.238.221

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Mosharraf, N.; P. Jayasumana, A. and Ray, I. (2017). Using a History-based Profile to Detect and Respond to DDoS Attacks. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT; ISBN 978-989-758-259-2; ISSN 2184-3236, SciTePress, pages 175-186. DOI: 10.5220/0006435801750186

@conference{secrypt17,
author={Negar Mosharraf. and Anura {P. Jayasumana}. and Indrakshi Ray.},
title={Using a History-based Profile to Detect and Respond to DDoS Attacks},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT},
year={2017},
pages={175-186},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006435801750186},
isbn={978-989-758-259-2},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT
TI - Using a History-based Profile to Detect and Respond to DDoS Attacks
SN - 978-989-758-259-2
IS - 2184-3236
AU - Mosharraf, N.
AU - P. Jayasumana, A.
AU - Ray, I.
PY - 2017
SP - 175
EP - 186
DO - 10.5220/0006435801750186
PB - SciTePress