International Journal of Network Security & Its Applications (IJNSA)
ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)
http://airccse.org/journal/ijnsa.html
Volume 08, Number 05 - September 2016
Article - A HYBRID APPROACH COMBINING RULE-BASED AND ANOMALY-BASED DETECTION AGAINST DDOS ATTACKS
Authors - Chin-Ling Chen1 and Hsin-Chiao Chen2
1Department of Information Management, National Pingtung University, Pingtung, Taiwan, 900
2Department of Information Management, National Pingtung Institute of Commerce, Pingtung, Taiwan, 900
ABSTRACT
We have designed a hybrid approach combining rule-based and anomaly-based detection against DDoS attacks. In this approach, the rule-based detection establishes a set of rules, and the anomaly-based detection uses a one-way ANOVA test to detect possible attacks. We adopt TFN2K (Tribe Flood, the Net 2K) as an attack traffic generator and monitor the victim's system resources, such as throughput, memory utilization, and CPU utilization, consumed by attack traffic. The target users of the proposed scheme are data center administrators. We have analysed the types of attack traffic and, based on that analysis, developed a defense scheme. The experiment demonstrates that the proposed scheme can effectively detect the attack traffic.
KEYWORDS
Distributed denial of service, firewall, detection