Non-negative increment feature detection of the traffic throughput for early DDoS attack

Ying Huang, Huizhong Sun, H. Jonathan Chao, Xiong Chao

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

One of the major threats to cyber security is Distributed Denial of Service (DDoS) attacks. In this paper, we reveal the non-negative and cumulative increment effect of DDoS traffic throughput that is the feature accurately distinguished DDoS attacking traffic from normal flash crowd traffic. Our scheme can detect a DDoS attack in its early stages based on these feature. It can differentiate DDoS from flash crowd traffic effectively even if DDoS is potential. This scheme detects DDoS attacks with on-line and distributed characteristics. Simulation shows the algorithm's validity and accuracy.

Original languageEnglish (US)
Title of host publicationProceedings - International Conference on Signal Image Technologies and Internet Based Systems, SITIS 2007
Pages121-126
Number of pages6
DOIs
StatePublished - 2007
Event3rd IEEE International Conference on Signal Image Technologies and Internet Based Systems, SITIS'07 - Jiangong Jinjiang, Shanghai, China
Duration: Dec 16 2007Dec 18 2007

Other

Other3rd IEEE International Conference on Signal Image Technologies and Internet Based Systems, SITIS'07
CountryChina
CityJiangong Jinjiang, Shanghai
Period12/16/0712/18/07

Fingerprint

Telecommunication traffic
Throughput
Denial-of-service attack

ASJC Scopus subject areas

  • Computer Graphics and Computer-Aided Design
  • Computer Networks and Communications
  • Signal Processing

Cite this

Huang, Y., Sun, H., Chao, H. J., & Chao, X. (2007). Non-negative increment feature detection of the traffic throughput for early DDoS attack. In Proceedings - International Conference on Signal Image Technologies and Internet Based Systems, SITIS 2007 (pp. 121-126). [4618767] https://doi.org/10.1109/SITIS.2007.122

Non-negative increment feature detection of the traffic throughput for early DDoS attack. / Huang, Ying; Sun, Huizhong; Chao, H. Jonathan; Chao, Xiong.

Proceedings - International Conference on Signal Image Technologies and Internet Based Systems, SITIS 2007. 2007. p. 121-126 4618767.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Huang, Y, Sun, H, Chao, HJ & Chao, X 2007, Non-negative increment feature detection of the traffic throughput for early DDoS attack. in Proceedings - International Conference on Signal Image Technologies and Internet Based Systems, SITIS 2007., 4618767, pp. 121-126, 3rd IEEE International Conference on Signal Image Technologies and Internet Based Systems, SITIS'07, Jiangong Jinjiang, Shanghai, China, 12/16/07. https://doi.org/10.1109/SITIS.2007.122
Huang Y, Sun H, Chao HJ, Chao X. Non-negative increment feature detection of the traffic throughput for early DDoS attack. In Proceedings - International Conference on Signal Image Technologies and Internet Based Systems, SITIS 2007. 2007. p. 121-126. 4618767 https://doi.org/10.1109/SITIS.2007.122
Huang, Ying ; Sun, Huizhong ; Chao, H. Jonathan ; Chao, Xiong. / Non-negative increment feature detection of the traffic throughput for early DDoS attack. Proceedings - International Conference on Signal Image Technologies and Internet Based Systems, SITIS 2007. 2007. pp. 121-126
@inproceedings{e1686e2abfd748fd96a0fdb2e6989a8a,
title = "Non-negative increment feature detection of the traffic throughput for early DDoS attack",
abstract = "One of the major threats to cyber security is Distributed Denial of Service (DDoS) attacks. In this paper, we reveal the non-negative and cumulative increment effect of DDoS traffic throughput that is the feature accurately distinguished DDoS attacking traffic from normal flash crowd traffic. Our scheme can detect a DDoS attack in its early stages based on these feature. It can differentiate DDoS from flash crowd traffic effectively even if DDoS is potential. This scheme detects DDoS attacks with on-line and distributed characteristics. Simulation shows the algorithm's validity and accuracy.",
author = "Ying Huang and Huizhong Sun and Chao, {H. Jonathan} and Xiong Chao",
year = "2007",
doi = "10.1109/SITIS.2007.122",
language = "English (US)",
isbn = "9780769531229",
pages = "121--126",
booktitle = "Proceedings - International Conference on Signal Image Technologies and Internet Based Systems, SITIS 2007",

}

TY - GEN

T1 - Non-negative increment feature detection of the traffic throughput for early DDoS attack

AU - Huang, Ying

AU - Sun, Huizhong

AU - Chao, H. Jonathan

AU - Chao, Xiong

PY - 2007

Y1 - 2007

N2 - One of the major threats to cyber security is Distributed Denial of Service (DDoS) attacks. In this paper, we reveal the non-negative and cumulative increment effect of DDoS traffic throughput that is the feature accurately distinguished DDoS attacking traffic from normal flash crowd traffic. Our scheme can detect a DDoS attack in its early stages based on these feature. It can differentiate DDoS from flash crowd traffic effectively even if DDoS is potential. This scheme detects DDoS attacks with on-line and distributed characteristics. Simulation shows the algorithm's validity and accuracy.

AB - One of the major threats to cyber security is Distributed Denial of Service (DDoS) attacks. In this paper, we reveal the non-negative and cumulative increment effect of DDoS traffic throughput that is the feature accurately distinguished DDoS attacking traffic from normal flash crowd traffic. Our scheme can detect a DDoS attack in its early stages based on these feature. It can differentiate DDoS from flash crowd traffic effectively even if DDoS is potential. This scheme detects DDoS attacks with on-line and distributed characteristics. Simulation shows the algorithm's validity and accuracy.

UR - http://www.scopus.com/inward/record.url?scp=57849108523&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=57849108523&partnerID=8YFLogxK

U2 - 10.1109/SITIS.2007.122

DO - 10.1109/SITIS.2007.122

M3 - Conference contribution

SN - 9780769531229

SP - 121

EP - 126

BT - Proceedings - International Conference on Signal Image Technologies and Internet Based Systems, SITIS 2007

ER -