Yonghong Chen, Xin Chen, H. Tian, Tian Wang, Yiqiao Cai
2016 8th IEEE International Conference on Communication Software and Networks (ICCSN). Published 2016-06-04. DOI: 10.1109/ICCSN.2016.7586583 (https://doi.org/10.1109/ICCSN.2016.7586583)
A blind detection method for tracing the real source of DDoS attack packets by cluster matching
With the rapid growth of the Internet, the impact of attacks is becoming more serious. IP spoofing makes it hard for hosts to defend against DDoS attacks. In this paper, we propose a blind detection method for tracing the real source of DDoS attack packets. Tracing the real source of a single packet is difficult, so we use cluster matching to trace back a cluster of similar packets rather than a single packet. We choose the K-harmonic means clustering method to preprocess the packets according to our proposed quantitative model, and we propose an approach to determine the best number of clusters. In addition, we propose a novel cluster-matching detection algorithm for tracing the real source of packet clusters, based on K-harmonic means and our improved silhouette. Experimental results show that our method can detect the real source of packets with up to 92.54% accuracy.