DDoS attack detection method using cluster analysis
Distributed Denial of Service (DDoS) attacks generate enormous packets by a large number of agents and can easily exhaust the computing and communication resources of a victim within a short period of time. In this paper, we propose a method for proactive detection of DDoS attack by exploiting its architecture which consists of the selection of handlers and agents, the communication and compromise, and attack. We look into the procedures of DDoS attack and then select variables based on these features. After that, we perform cluster analysis for proactive detection of the attack. We experiment with 2000 DARPA Intrusion Detection Scenario Specific Data Set in order to evaluate our method. The results show that each phase of the attack scenario is partitioned well and we can detect precursors of DDoS attack as well as the attack itself. (C) 2007 Elsevier Ltd. All rights reserved.
- Publisher
- PERGAMON-ELSEVIER SCIENCE LTD
- Issue Date
- 2008-04
- Language
- English
- Article Type
- Article
- Keywords
SERVICE ATTACKS
- Citation
EXPERT SYSTEMS WITH APPLICATIONS, v.34, pp.1659 - 1665
- ISSN
- 0957-4174
- Appears in Collection
- IE-Journal Papers(저널논문)
- Files in This Item
This item is cited by other documents in WoS
| ⊙ Detail Information in WoSⓡ | Click to see |  |
| ⊙ Cited 153 items in WoS | Click to see citing articles in |  |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.