Enhancing DDoS flood attack detection via intelligent fuzzy logic

Informatica (Ljubljana)

Volumn 34, Issue 4, 2010, Pages 497-507

  Xia, Zhengmin ^a   Lu, Songnian ^a   Li, Jianhua ^a   Tang, Junhua ^a  

^a SHANGHAI JIAO TONG UNIVERSITY   (China)

Author keywords

Fuzzy logic; Network security; Self similarity; Statistical detection

Indexed keywords

ATTACK DETECTION; CHANGE-POINTS; DISTRIBUTED DENIAL OF SERVICE; HURST PARAMETER; INFORMATION CRITERION; NETWORK BANDWIDTH; NETWORK EQUIPMENT; NETWORK TRAFFIC; SCHWARZ; SELF-SIMILARITIES; STATISTICAL ANALYSIS; STATISTICAL DETECTION; TEST RESULTS; TWO STAGE;

COMPUTER SIMULATION; DISCRETE WAVELET TRANSFORMS; FUZZY SYSTEMS; NETWORK SECURITY; TELECOMMUNICATION TRAFFIC; TIME SERIES; TIME SERIES ANALYSIS;

FUZZY LOGIC;

EID: 78650122734     PISSN: 03505596     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Article

References (32)

1. http://www.cert.org.
2. M. Li. An approach to reliably identifying signs of DDOS flood attacks based on LRD traffic pattern recognition. Computers & Security, 23(7): 549-558, 2004.
3. W.E. Leland, M.S. Taqqu and W. Willinger. On the self-similar nature of ethernet traffic (extended version). IEEE/ACM Transactions on Networking, 2(1): 1-15, 1994.
4. V. Paxson and S. Floyd. Wide area traffic: the failure of Poisson modeling. IEEE/ACM Transactions on Networking, 3(3): 226-244, 1995.
5. O. Tickoo and B. Sikdar. On the impact of IEEE 802.11 MAC on traffic characteristics. IEEE Journal on Selected Areas in Communications, 21(2): 189-203, 2003.
6. C.S. Sastry, S. Rawat and A.K. Pujari. Network traffic analysis using singular value decomposition and multiscale transforms. Information Sciences, 177(23): 5275-5291, 2007.
7. M.F. Rohani, M.A. Maarof and A. Selamat. Continuous LoSS detection using iterative window based on SOSS model and MLS approach. In Proceedings of the International Conference on Computer and Communication Engineering, Kuala Lumpur, Malaysia, May 2008.
8. D. Rincón and S. Sallent. On-line segmentation of non-stationary fractal network traffic with wavelet transforms and Log-likelihood-based statistics. LNCS, 3375: 110-123, 2005.
9. N. K. Swain. A survey of application of fuzzy logic in intelligent transportation systems (ITS) and rural ITS. In Proceedings of the IEEE Southeast Conference, March 2006.
10. S.X. Wu and W. Banzhaf. The use of computational intelligence in intrusion detection systems: A review. Applied Soft Computing, 10: 1-35, 2010.
11. L.A. Zadeh. Fuzzy sets. Information and Control, 8(3): 338-353, 1965.
12. A. Abraham. Neuro-fuzzy systems: State-of-the-art modeling techniques, connectionist models of neurons, learning processes, and artificial intelligence. LNCS, 2084: 269-276, 2001.
13. A. Meier and N. Werro. A fuzzy classification model for online customers. Informatica, 31(2): 175-182, 2007.
14. J. Abonyi and B. Feil. Computational intelligence in data mining. Informatica, 29(1): 3-12, 2005.
15. S. Avdoshin and V. Serdiouk. Some approaches to information security of communication networks. Informatica, 26(1): 1-10, 2002.
16. C. Douligeris and A. Mitrokotsa. DDoS attacks and defense mechanisms: classification and stateof- the-art. Computer Networks, 44(5): 643-666, 2004.
17. A. Patcha and J. M. Park. An overview of anomaly detection techniques: existing solutions and latest technological trends. Computer Networks, 51(12): 3448-3470, 2007.
18. P. García-Teodoro, J. Díaz-Verdejo and G. Maciá- Fernández. Anomaly-based network intrusion detection: techniques, systems and challenges. Computers & Security, 28(1-2): 18-28, 2009.
19. W.B. Gong, Y. Liu and V. Misra. Self-similarity and long range dependence on the internet: a second look at the evidence, origins and implications. Computer Networks, 48(3): 377-399, 2005.
20. M. Li. Change trend of averaged Hurst parameter traffic under DDOS flood attacks. Computers & Security, 25(3): 213-220, 2006.
21. W.H. Allen and G.A. Marin. The LoSS technique for detecting new denial of service attacks. In Proceedings of IEEE South East Conference, Greensboro, NC, March 2004.
22. W. Schleifer and M. Männle. Online error detection through observation of traffic selfsimilarity. In Proceedings of the IEE Communications Conference, 148(1): 38-42, 2001.
23. X.Y. Ren, R.C. Wang and H.Y. Wang. Wavelet analysis method for detection of DDoS attack on the basis of self-similarity. Frontiers of Electrical and Electronic Engineering in China, 2(1): 73-77, 2007.
24. J.T. Wang and G. Yang. An intelligent method for real-time detection of DDoS attack based on fuzzy logic. Journal of Electronics (China), 25(4): 511-518, 2008.
25. S. Stoev, M. Taqqu and C. Park. On the wavelet spectrum diagnostic for Hurst parameter estimation in the analysis of Internet traffic. Computer Networks, 48(3): 423-445, 2005.
26. S. Song and K. Joseph. Some results on the selfsimilarity property in communication networks. IEEE Transactions on Communications, 52(10): 1636-1641, 2004.
27. J. Beran. Statistics for long-memory processes. Chapman & Hall, New York, 1994.
28. J. Chen and A. Gupta. Testing and Locating Variance Change points with Application to Stock Prices. Journal of the American Statistical Association, 92: 739-747, 1997.
29. X. Tian, J. Wu and C. Ji. A unified framework for understanding network traffic using independent wavelet models. In Proceedings of IEEE INFOCOM', June 2002.
30. B. B. Mandelbrot and J. W. Van Ness. Fractional Brownian motions, fractional noises and applications. SIAM Review, 10(4): 422-437, 1968.
31. A. Patrice and V. Darryl. Wavelet analysis of Long-Range-Dependence traffic. IEEE Transactions on Information Theory, 44(1): 2-15, 1998.
32. http://www.cubinlab.ee.unimelb.edu.au/%7Edarryl