Online Submission!

Open Journal Systems

ANOMALY BASED APPROACH FOR DEFENDING DENIAL OF SERVICE ATTACK IN WEB TRAFFIC

R. Ramkumar, Sri Gowtham

Abstract


Distributed Denial of Service (DDOS) attacks has become a great threat for internet security. This attackis an advanced form of DOS (Denial of Service) attack. This attack changes its whole origin ID and it gives trouble to find it out and it has become a serious threat for internet security.

Full Text:

PDF

References


A. Valdes and K. Skinner, "Adaptive, Model-Based Monitoring for Cyber Attack Detection," presented at Recent Advances in Intrusion Detection, Toulouse, France, 2000.etkovic, M., Jonker, W. Preface,

―Special issue on secure data management,‖ Journal of Computer

Security, 17(1), pp.1-3 (2009)

K. Park and H. Lee. On the effectiveness of route-based packet filtering for distributed dos attack prevention in power-law in-ternets.

In Proceedings of ACM SIGCOMM ’2001, San Diego, CA, August 2001.

Blazek, R., H. Kim, B. Rozovskii, and A. Tartakovsky, ―A Novel

Approach to Detection of Denial-of- Service Attacks via Adaptive Sequential and Batch-sequential Change-Point Detection Methods,‖ Proc. of the 2001 IEEE Workshop on Information Assurance and Security, June 2001.

Eleazar Eskin, Matthew Miller, Zhi-Da Zhong, George Yi, Wei-Ang Lee, Salvatore Stolfo,‖ Adaptive Model Generation for Intrusion Detection Systems‖,IEEE Computer Society, 2001.

Y. Chen and K. Hwang, ―Collaborative Change Detection of DDoS Attacks on Community and ISP Networks‖, IEEE Int’l Symp. on Collaborative Technologies and Systems (CTS 2006), Las Vegas, May 15-17, 2006. Proc. of the 2nd ACM SIGCOMM Workshop on Internet Measurements, 71 - 82 (2002).

Greg Vert Deb orah A. Frincke Jesse C. McConnell,‖ A Visual Mathematical Mo del for Intrusion Detection‖, IEEE Fourth Computer Security Applications Conference , 2002.

J. Ioannidis and S. M. Bellovin, ―Implementing Pushback: Router-Based Defense against DDoS Attacks,‖ Network and Distributed System Security Symposium. (NDSS), San Diego, CA. Feb. 6-8, 2002

W. Streilein, R.K. Cunningham, S.E. Webster, Improved detection of low-profile probe and novel denialof- service attacks (2002), Workshop on Statistical and Machine Learning Techniques in Computer Intrusion Detection, Baltimore, Maryland, June 2002, pp.

Akella, A. et al. (2003). Detecting DDoS Attacks on ISP Networks. In ACM SIGMOD/PODS Workshop on management and processing of data streams (MPDS) FCRC.

Feinstein, L. et al. (2003). Statistical approach to DDoS attack detection and response. In Proceedings of the DARPA information survivability conference and exposition (pp. 303–314).

C. Jin, H. Wang, and K. Shin, ―Hop-count Filtering: An Effective Defense against Spoofed DDoS Traffic,‖ Proc. of the 10th ACM Conference on Computer and Communications Security, 2003, pp. 30-41.

C. F. Tsai and C. Y. Lin, ―A Triangle Area Based Nearest Neighbors Approach to Intrusion Detection,‖ Pattern Recognition, vol. 43, pp. 222-229, 2010. 6. A. A. Cardenas, J. S. Baras, and V. Ramezani, ―Distributed change detection for worms, DDoS and other network attacks,‖ The American Control Conference, Vol.2, pp. 1008-1013, 2004.

Y. Kim, W. C. Lau, M. C. Chuah, and H. J. Chao, ―PacketScore: Statistics-Based Overload Control Against Distributed Denial of-Service Attacks,‖ Proc. INFOCOM, 2004.

Y. Chen, Y. K. Kwok, and K. Hwang, ―MAFIC: Adaptive Packet Dropping for Cutting Malicious Flows to Pushback DDoS Attacks,‖ IEEE International Workshop on Security in Distributed Computing Systems (SDCS-2005), 2005.

Yu Chen, Yu-Kwong Kwok, and Kai Hwang, University of Southern California, Los Angeles,‖ Filtering Shrew DDoS Attacks Using A New Frequency-Domain Approach‖, on June 20, 2005.

D. Gavrilis and E. Dermatas, ―Real-time Detection of Distributed Denial-of-service Attacks Using RBF Networks and Statistical Features,‖ Computer Networks, vol. 48, no. 2, pp. 235-245, 2005.

C. Yu, H. Kai, and K. Wei-Shinn, ―Collaborative Detection of DDoS Attacks over Multiple Network Domains,‖ Parallel and Distributed Systems, IEEE Transactions on, vol. 18, pp. 1649-1662, 2007.

Ahmed T., Coates M., Lakhina A.: Multivariate Online Anomaly Detection Using Kernel Recursive Least Squares. Proc. of 26th IEEE International Conference on Computer Communications (2007)

K. Lee, J. Kim, K. H. Kwon, Y. Han, and S. Kim, ―DDoS attack detection method using cluster analysis,‖ Expert Systems with Applications, vol. 34, no. 3, pp. 1659-1665, 2008.

W. Hu, W. Hu, and S. Maybank, ―AdaBoost-Based Algorithm for Network Intrusion Detection,‖ Trans. Sys. Man Cyber. Part B, vol. 38, no. 2, pp. 577-583, 2008.

Y.Dhanalakshmi 1 and Dr .I. Ramesh Babu,‖ Intrusion Detection Using Data Mining Along Fuzzy Logic and Genetic Algorithms‖, IJCSNS International Journal of Computer Science and Network Security, VOL.8 No.2, February 2008.

Marina Thottan, Guanglei Liu, Chuanyi Ji,‖ Anomaly Detection Approaches for Communication Networks‖, IEEE/ACM Tran. Networking (2009)

Zhong ,R and Yue ,G. (2010) DDoS detection system based on data mining. Proceedings of the 2nd International Symposium on Networking and Network Security, Jinggangshan , China, 2 – 4 April , pp .062 – 065 . Academy Publisher.

Barford P., Kline J., Plonka D., Ron A.: A Signal Analysis of Network Traffic Anomalies. , vol. 18, pp. 1649-1662 2008

Lifang Zi, John Yearwoody, Xin-Wen Wuz,‖ Adaptive Clustering with Feature Ranking for DDoS Attacks Detection‖ Fourth International Conference on Network and System Security, , Vol. 8, Issue 5, No 1, 2010.




DOI: http://dx.doi.org/10.6084/ijact.v4i4.112

Refbacks

  • There are currently no refbacks.