
2019 | OriginalPaper | Chapter

High Performance DDoS Attack Detection System Based on Distribution Statistics

Authors: Xia Xie, Jinpeng Li, Xiaoyang Hu, Hai Jin, Hanhua Chen, Xiaojing Ma, Hong Huang

Published in: Network and Parallel Computing

Publisher: Springer International Publishing


Abstract

Nowadays, web servers often face the threat of distributed denial of service (DDoS) attacks, and their intrusion prevention systems cannot detect those attacks effectively. Many existing intrusion prevention systems detect attacks using per-flow state, and their current processing speed cannot fulfill the requirements of real-time detection because of high-speed traffic. In this paper, we propose TreeSketchShield, a powerful system that improves the sketch data structure and detects attacks quickly. First, we discuss a novel structure, TreeSketch, for obtaining statistics of network flows; it uses the stepped structure of a binary tree to map the distribution and reduces the complexity of the statistic calculation. Second, we present a two-level detection scheme that strikes a compromise between detection speed and detection accuracy. Experimental results show that our method can process more than 100,000 records per second. The false alarm rate achieves a 2% to 25% improvement.


Metadata

Title: High Performance DDoS Attack Detection System Based on Distribution Statistics
Authors: Xia Xie, Jinpeng Li, Xiaoyang Hu, Hai Jin, Hanhua Chen, Xiaojing Ma, Hong Huang
Copyright Year: 2019
DOI: https://doi.org/10.1007/978-3-030-30709-7_11
