Detecting SYN flooding attacks based on traffic prediction

Security and Communication Networks

Volumn 5, Issue 10, 2012, Pages 1131-1140

  Wang, Shangguang ^a   Sun, Qibo ^a   Zou, Hua ^a   Yang, Fangchun ^a  

^a BEIJING UNIVERSITY OF POSTS AND TELECOMMUNICATIONS   (China)

Author keywords

Denial of service; Grey system theory; SYN flooding attacks; Traffic prediction

Indexed keywords

DISTRIBUTED COMPUTER SYSTEMS; FLOODS; FORECASTING; NETWORK SECURITY; SYSTEM THEORY; TRAFFIC CONTROL;

CUMULATIVE SUM ALGORITHMS; DENIAL OF SERVICE; DISTRIBUTED DENIAL OF SERVICE ATTACK; GREY PREDICTION MODEL; GREY SYSTEM THEORY; SYN FLOODING ATTACK; TRACE DRIVEN SIMULATION; TRAFFIC PREDICTION;

DENIAL-OF-SERVICE ATTACK;

EID: 84867612184     PISSN: 19390114     EISSN: 19390122     Source Type: Journal    
DOI: 10.1002/sec.428     Document Type: Article

References (32)

1. Zhou CV, Leckie C, Karunasekera S. A survey of coordinated attacks and collaborative intrusion detection. Computers and Security 2010; 29:124-140.
2. Li Z, Gao Y, Chen Y. HiFIND: a high-speed flow-level intrusion detection approach with DoS resiliency. Computer Networks 2010; 54:1282-1299.
3. Bellaiche M, Gregoire J-C. Source detection of SYN flooding attacks. Proceedings of the 2009 International Conference on Network and Service Security (N2S 2009), 2009; 1-6.
4. Nashat D, Xiaohong J, Horiguchi S. Detecting SYN flooding agents under any type of IP spoofing. Proceedings of IEEE International Conference on e-Business Engineering (ICEBE 200), 2008; 499-505.
5. Thatte G, Mitra U, Heidemann J. Parametric methods for anomaly detection in aggregate traffic. IEEE/ACM Transactions on Networking 2011; 19:512-525.
6. Haining W, Danlu Z, Kang GS. Detecting SYN flooding attacks. Proceedings of the Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM 2002), 2002; 1530-1539.
7. Siris VA, Papagalou F. Application of anomaly detection algorithms for detecting SYN flooding attacks. Computer Communications 2006; 29:1433-1442.
8. Yu J, Lee H, Kim M-S, Park D. Traffic flooding attack detection with SNMP MIB using SVM. Computer Communications 2008; 31:4212-4219.
9. Palmieri F, Fiore U. Network anomaly detection through nonlinear analysis. Computers and Security 2010; 29:737-755.
10. Safa H, Chouman M, Artail H, Karam M. A collaborative defense mechanism against SYN flooding attacks in IP networks. Journal of Network and Computer Applications 2008; 31:509-534.
11. Yang-Seo C, Jin-Tae O, Jong-Soo J, Jae-Cheol R. Integrated DDoS attack defense infrastructure for effective attack prevention. Proceedings of the 2nd FTRA International Conference Information Technology Convergence and Services (ITCS 2010), 2010; 1-6.
12. Qibo S, Shangguang W, Danfeng Y, Fangchun Y. ARM-CPD: detecting SYN flooding attack by traffic prediction. Proceedings of the 2nd IEEE International Conference on Broadband Network and Multimedia Technology (IEEE IC-BNMT 2009), 2009; 443-447.
13. Ranjan N, Murthy HA, Gonsalves TA. Detection of SYN flooding attacks using generalized autoregressive conditional heteroskedasticity (GARCH) modeling technique. Proceedings of the 2010 National Conference on in Communications (NCC 2010), 2010; 1-5.
14. Fengyu W, Bin G, Yi H, Ningbo Z. Network anomaly detection based on traffic prediction. Proceedings of the International Conference on in Scalable Computing and Communications; the 8th International Conference on Embedded Computing (SCALCOM-EMBEDDEDCOM 2009), 2009; 449-454.
15. Yi S, Xinyu Y, Huijun Z. A flooding-based DoS/DDoS detecting algorithm based on traffic measurement and prediction advances in information and computer security. Proceedings of the First International Workshop on Security(IWSEC 2006), 2006; 252-267.
16. Xiao B, Chen W, He Y. An autonomous defense against SYN flooding attacks: detect and throttle attacks at the victim side independently. Journal of Parallel and Distributed Computing 2008; 68:456-470.
17. Changhua S, Chengchen H, Yi T, Bin L. More accurate and fast SYN flood detection. Proceedings of 18th International Conference on Computer Communications and Networks (ICCCN 2009), 2009; 1-6.
18. Doron E, Wool A. WDA: a Web farm distributed denial of service attack attenuator. Computer Networks 2011; 55:1037-1051.
19. Ramana Rao K, Sumeet S, George V. On scalable attack detection in the network. IEEE/ACM Transactions on Networking 2007; 15:14-25.
20. Rathgeb EP, Hohendorf C, Nordhoff M. On the robustness of SCTP against DoS attacks. Proceedings of the 3nd FTRA International Conference on Convergence and Hybrid Information Technology (ICCIT 2008), 2008; 1144-1149.
21. Deng J. Control problems of grey system. Systems and Control Letters 1982; 1:288-294.
22. Deng J. Introduction to grey system theory. Journal of Grey System 1989; 1:1-24.
23. Kayacan E, Ulutas B, Kaynak O. Grey system theory-based models in time series prediction. Expert Systems with Applications 2010; 37:1784-1789.
24. Wang H, Zhang D, Shin KG. Change-point monitoring for the detection of DoS attacks. IEEE Transactions on Dependable and Secure Computing 2004; 1:193-208.
25. Hellerstein JL, Zhang F, Shahabuddin P. A statistical approach to predictive detection. Computer Networks 2001; 35:77-95.
26. Tao L, Chen D, Ronggong S. Measure large scale network security using adjacency matrix attack graphs. Proceedings of the 5th FTRA International Conference on Future Information Technology (FutureTech 2010), 2010; 1-8.
27. Ponomarchuk Y, Seo D. Intrusion detection based on traffic analysis and fuzzy inference system in wireless sensor networks. Journal of Convergence 2010; 1:35-42.
28. Imani M, Taheri M, Naderi M. Security enhanced routing protocol for ad hoc networks. Journal of Convergence 2010; 1:43-48.
29. Xie B, Kumar A, Zhao D, Reddy R, He B. On secure communication in integrated heterogeneous wireless networks. International Journal of Information Technology, Communications and Convergence 2010; 1:4-23.
30. Kumar D, Aseri T, Patel R. Multi-hop communication routing (MCR) protocol for heterogeneous wireless sensor networks. International Journal of Information Technology, Communications and Convergence 2011; 1:130-145.
31. El-Semary AM, Mostafa MG-HM. Distributed and scalable intrusion detection system based on agents and intelligent techniques. Journal of Information Processing Systems 2010; 6:481-500.
32. Kim H, Chitti RB, Song J. Handling malicious flooding attacks through enhancement of packet processing technique in mobile ad hoc networks. Journal of Information Processing Systems 2011; 7:137-150.