Distinguishing DDoS attacks from flash crowds using probability metrics


Author(s): Li, Ke; Zhou, Wanlei; Li, Ping; Hai, Jing; Liu, Jianwen
Contributor(s)

Xiang, Yang

Lopez, Javier

Wang, Haining

Zhou, Wanlei

Date(s)

01/01/2009

Abstract

Both Flash crowds and DDoS (Distributed Denial-of-Service) attacks have very similar properties in terms of internet traffic; however, Flash crowds are legitimate flows and DDoS attacks are illegitimate flows, and DDoS attacks have been a serious threat to internet security and stability. In this paper we propose a set of novel methods using probability metrics to distinguish DDoS attacks from Flash crowds effectively, and our simulations show that the proposed methods work well. In particular, these methods can not only distinguish DDoS attacks from Flash crowds clearly, but can also distinguish the anomaly flow being DDoS attacks flow or being Flash crowd flow from Normal network flow effectively. Furthermore, we show our proposed hybrid probability metrics can greatly reduce both false positive and false negative rates in detection.

Identifier

http://hdl.handle.net/10536/DRO/DU:30029016

Language(s)

eng

Publisher

IEEE

Relation

http://dro.deakin.edu.au/eserv/DU:30029016/zhou-distinguishingddosattacks-2009.pdf

http://dro.deakin.edu.au/eserv/DU:30029016/zhou-nss-2009.pdf

http://doi.ieeecomputersociety.org/10.1109/NSS.2009.35

Rights

2009, IEEE

Keywords: #DDoS #Flash crowd #Probability metrics

Type

Conference Paper