{"title":"Change-point cloud DDoS detection using packet inter-arrival time","authors":"O. Osanaiye, Kim-Kwang Raymond Choo, M. Dlodlo","doi":"10.1109/CEEC.2016.7835914","DOIUrl":null,"url":null,"abstract":"Notwithstanding the increased popularity of cloud computing, Distributed Denial of Service (DDoS) remains a threat to its adoption. In this paper, we propose the use of a change-point monitoring algorithm to detect DDoS flooding attacks against cloud services by examining the packet inter-arrival time (IAT). This method leverages on the fact that most DDoS attacks are automated and exhibit similar patterns. These patterns, when closely examined, can be distinguished from normal traffic patterns, and can therefore be tracked using a cumulative sum (CUSUM) algorithm. The proposed solution was validated by conducting a trace-driven simulation and empirical evaluation. The results demonstrated the efficiency and accuracy of this proposed solution.","PeriodicalId":114518,"journal":{"name":"2016 8th Computer Science and Electronic Engineering (CEEC)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"26","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 8th Computer Science and Electronic Engineering (CEEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CEEC.2016.7835914","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 26
Abstract
Notwithstanding the increased popularity of cloud computing, Distributed Denial of Service (DDoS) remains a threat to its adoption. In this paper, we propose the use of a change-point monitoring algorithm to detect DDoS flooding attacks against cloud services by examining the packet inter-arrival time (IAT). This method leverages on the fact that most DDoS attacks are automated and exhibit similar patterns. These patterns, when closely examined, can be distinguished from normal traffic patterns, and can therefore be tracked using a cumulative sum (CUSUM) algorithm. The proposed solution was validated by conducting a trace-driven simulation and empirical evaluation. The results demonstrated the efficiency and accuracy of this proposed solution.