Published in: Soft Computing 13/2017

18-01-2016 | Methodologies and Application

A protocol-free detection against cloud oriented reflection DoS attacks

Authors: Le Xiao, Wei Wei, Weidong Yang, Yulong Shen, Xianglin Wu

Abstract

Distributed denial of service (DDoS) attacks present a critical threat to cloud infrastructure: many manipulated hosts flood the victim cloud with packets, exhausting bandwidth and other system resources. In a reflection DoS (RDoS) attack, one type of DDoS attack, legitimate servers (reflectors) are fooled into sending a large number of packets to the victim cloud. Most existing RDoS attack detection mechanisms are protocol-specific and thus low in efficiency. It is observed that, because they are triggered by the same attacking flow, intra-unite correlation exists among the packet rates of attacking flows. Based on this phenomenon, a flow correlation coefficient (FCC)-based protocol-free detection (PFD) algorithm is proposed. The simulation results show that PFD can detect attacking flows efficiently and effectively and is not protocol-specific, so it can be used as an effective supplement to existing algorithms.
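The idea in the abstract, sketched as an added example that is not the paper's PFD algorithm (its FCC definition and thresholds are not given on this page): flows triggered by one source show correlated packet rates regardless of protocol, so a detector can compare per-flow rate series pairwise. Pearson correlation stands in for the FCC here, and the flow names, packet counts and 0.9 threshold are constructed assumptions.

```python
from itertools import combinations
from math import sqrt


def pearson(x, y):
    """Pearson correlation of two equal-length series; 0.0 if either is constant."""
    n = len(x)
    if n != len(y) or n < 2:
        raise ValueError("series must have equal length >= 2")
    mx, my = sum(x) / n, sum(y) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    vx = sum((a - mx) ** 2 for a in x)
    vy = sum((b - my) ** 2 for b in y)
    if vx == 0 or vy == 0:
        return 0.0  # a constant-rate flow carries no correlation signal
    return cov / sqrt(vx * vy)


def correlated_flows(rates, threshold=0.9):
    """Return the flows whose rate series correlates >= threshold with another flow.

    `rates` maps a flow id to packets-per-interval counts sampled over the
    same intervals. No protocol field is inspected, only the rate shape.
    """
    suspects = set()
    for (fa, ra), (fb, rb) in combinations(rates.items(), 2):
        if pearson(ra, rb) >= threshold:
            suspects.update((fa, fb))
    return suspects


# Constructed sample: three reflector flows on different protocols that all
# follow one hidden trigger pattern (scaled by different amplification
# factors, plus jitter), and two unrelated legitimate flows.
SAMPLE_RATES = {
    "dns-reflector":  [30, 121, 44, 182, 61, 239, 76, 149],
    "ntp-reflector":  [52, 198, 77, 301, 99, 402, 124, 251],
    "ssdp-reflector": [21, 79, 31, 119, 40, 161, 50, 99],
    "web-client-a":   [50, 48, 55, 47, 52, 49, 53, 51],
    "web-client-b":   [20, 22, 35, 30, 18, 25, 40, 28],
}

if __name__ == "__main__":
    print(sorted(correlated_flows(SAMPLE_RATES)))
```

In practice the interval length and threshold have to be tuned against baseline traffic, since legitimate flows that share a cause (a flash crowd, for example) also correlate.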

Metadata
Title: A protocol-free detection against cloud oriented reflection DoS attacks
Authors: Le Xiao, Wei Wei, Weidong Yang, Yulong Shen, Xianglin Wu
Publication date: 18-01-2016
Publisher: Springer Berlin Heidelberg
Published in: Soft Computing / Issue 13/2017
Print ISSN: 1432-7643
Electronic ISSN: 1433-7479
DOI: https://doi.org/10.1007/s00500-015-2025-6
