37 Hits in 4.9 sec

Detecting LDoS Attacks based on Abnormal Network Traffic

Kai Chen
2012 KSII Transactions on Internet and Information Systems  
In this paper, we address the problem of detecting LDoS attacks and present a scheme based on the fluctuant features of legit TCP and acknowledgment (ACK) traffic.  ...  Traditionally, LDoS detecting methods mainly concentrate on the attack stream with feature matching, and only a limited number of attack patterns can be detected off-line with high cost.  ...  Proposed Detection Strategy This section describes several abnormity of network traffic, and then introduces a new LDoS detection scheme based on them.  ... 
doi:10.3837/tiis.2012.07.007 fatcat:tb2qqohvlrc7hcxefwnejxzgw4

Adaptive EWMA Method Based on Abnormal Network Traffic for LDoS Attacks

Dan Tang, Kai Chen, XiaoSu Chen, HuiYu Liu, Xinhua Li
2014 Mathematical Problems in Engineering  
As the fact that LDoS attacks led to abnormal distribution of the ACK traffic, LDoS attacks can be detected by analyzing the distribution characteristics of ACK traffic.  ...  Then traditional EWMA algorithm which can smooth the accidental error while being the same as the exceptional mutation may cause some misjudgment; therefore a new LDoS detection method based on adaptive  ...  Therefore the AEWMA algorithm is more suitable than the EWMA algorithm for LDoS attacks detection based on the abnormal characteristics of traffic.  ... 
doi:10.1155/2014/496376 fatcat:wrxmm6dax5e6fb5zxmyjwx6w4u

Low-Rate DoS Attacks Detection Based on MAF-ADM

Sijia Zhan, Dan Tang, Jianping Man, Rui Dai, Xiyin Wang
2019 Sensors  
In this paper, we propose an anomaly detection method based on adaptive fusion of multiple features (MAF-ADM) for LDoS attacks.  ...  This study is based on the fact that the time-frequency joint distribution of the legitimate transmission control protocol (TCP) traffic would be changed under LDoS attacks.  ...  [28] proposed a detection algorithm based on the multifractal characteristics of network traffic.  ... 
doi:10.3390/s20010189 pmid:31905728 fatcat:uyaslivmenerzmbzjtnsd22lru

The detection method of low-rate DoS attack based on multi-feature fusion

Liu Liang, Wang Huaiyuan, Wu Zhijun, Yue Meng
2020 Digital Communications and Networks  
With features extracted from the network traffic, a new detection approach based on multi-feature fusion is proposed to solve the problem in this paper.  ...  Meng, The detection method of low-rate DoS attack based on multi-feature fusion, Digital Communications and Networks (2020), doi: https:// Abstract As a new type of Denial of Service (DoS) attacks, the  ...  that the detection methods based on single flow and signal processing have a higher error rate for detecting LDoS attacks.  ... 
doi:10.1016/j.dcan.2020.04.002 fatcat:7ug57cb7yzb2lecrverdu7okae

Coherent Detection of Synchronous Low-Rate DoS Attacks

Zhijun Wu, Yue Yin, Guang Li, Meng Yue, Mamoun Alazab
2021 Security and Communication Networks  
Therefore, this paper proposes an attack detection method based on coherent detection, which adopts bivariate cyclic convolution algorithm.  ...  In this article, plenty of LDoS attack traffic is spread to the victim end to detect LDoS attacks.  ...  Many scholars have studied the application of autocorrelation detection in detecting abnormal network traffic [21, 22] .  ... 
doi:10.1155/2021/6694264 fatcat:7x6jjzoonjbijgldilymzks7ju

Low-rate DoS attack detection based on two-step cluster analysis and UTR analysis

Dan Tang, Rui Dai, Liu Tang, Xiong Li
2020 Human-Centric Computing and Information Sciences  
Aiming to combat DoS attacks, many methods have been proposed, in which a common detection method is based on abnormal statistical characteristics.  ...  Among all these attacks, TCP-targeted LDoS attacks are one of the most common LDoS attacks.  ...  Therefore, the method based on abnormal statistical characteristics cannot effectively detect this attack.  ... 
doi:10.1186/s13673-020-0210-9 fatcat:e55637qtyvejpn5kuua7uibjwq

Accurately Identifying New QoS Violation Driven by High-Distributed Low-Rate Denial of Service Attacks Based on Multiple Observed Features

Jian Kang, Mei Yang, Junyao Zhang
2015 Journal of Sensors  
Based on these features, we establishmultistream fused hidden Markov model(MF-HMM) to detect stealthy low-rate denial of service (LDoS) attacks hidden in legitimate network background traffic.  ...  We propose using multiple observed features of network traffic to identify new high-distributed low-rate quality of services (QoS) violation so that detection accuracy may be further improved.  ...  These methods detect the LDoS attacks by searching and identifying the abnormal network traffic caused by the LDoS attacks.  ... 
doi:10.1155/2015/465402 fatcat:iq7cnuy33jbtpd5hnoi2s35pxy

Low-Rate DoS Attacks, Detection, Defense, and Challenges: A Survey

Wu Zhijun, Li Wenjing, Liu Liang, Yue Meng
2020 IEEE Access  
DDoS attacks are the behavior of malicious blocking legitimate network traffic by destroying the targets and the infrastructure around it with huge network traffic.  ...  Hence, LDoS attack has a very small flow (around 10%-20% of the background traffic), it is easy to eluding the detection of routers and counter-DoS mechanisms.  ...  a: DETECTION METHODS BASED ON TRAFFIC FEATURE When the LDoS attack is initiated, the victim network will fluctuate frequently.  ... 
doi:10.1109/access.2020.2976609 fatcat:v7aclbxt5bcfjk7uv7fwshgrxa

A novel Low-rate Denial of Service attack detection approach in ZigBee wireless sensor network by combining Hilbert-Huang Transformation and Trust Evaluation

Hongsong Chen, Caixia Meng, Zhiguang Shan, Zhongchuan Fu, Bharat K. Bhargava
2019 IEEE Access  
We have proposed a scalable LDoS attack detection architecture for both WSN and IoT.  ...  INDEX TERMS LDoS attack, HHT, trust evaluation, ZigBee WSN, IoT, intrusion detection.  ...  As the traffic of LDoS attack is similar to that of normal routing protocol traffic, traditional threshold-based abnormal detection method cannot be directly used to detect the routing layer LDoS attack  ... 
doi:10.1109/access.2019.2903816 fatcat:tyqzhcdda5hwhjzbfvfr6b3n3i

The Detection Method of Collusive Interest Flooding Attacks Based on Prediction Error in NDN

Liu Liang, Feng Wenzhi, Wu Zhijun, Yue Meng, Zhang Rudan
2020 IEEE Access  
By analyzing the characteristics of network traffic and CIFA model, a new CIFA detecting method based on the prediction error between particle filter and one-step prediction algorithm is proposed.  ...  This scheme samples the network traffic and judges whether the network is under attack by comparing the normalized error value of the one-step prediction and the estimate of the particle filter.  ...  AN ATTACK DETECTION METHOD BASED ON PREDICTION ERROR Network traffic data is a kind of time series. Traditional traffic analysis is based on linear model.  ... 
doi:10.1109/access.2020.3008723 fatcat:mbc6qc3ei5ci7oeh5czgkio2rm

Early Detection of LDoS Attack using SNMP MIBs

Gayathri Rajakumaran, Neelanarayanan Venkataraman, Abdul Quadir, J. Kannan R., P. Kommers, A. S, A. Quadir Md
2021 ITM Web of Conferences  
Hence our model is based on Simple Network Management Protocol (SNMP), through which the early detection of LDoS attacks is carried out.  ...  LDoS attack is one among the DoS category which floods the target at ideal rate to keep the connections open for longer duration.  ...  Low rate DoS detection based on network multifractal [12] considers the characteristics of network traffic in the process of detecting DoS attack.  ... 
doi:10.1051/itmconf/20213701025 fatcat:wh3qxi4yxbbmpgz2ltsmg2vx4a

Detecting Network Anomalies using Rule-based machine learning within SNMP-MIB dataset [article]

Abdalrahman Hwoij, Mouhammd Al-kasassbeh, Mustafa Al-Fayoumi
2020 arXiv   pre-print
This paper developed a network traffic system that relies on adopted dataset to differentiate the DOS attacks from normal traffic.  ...  One of the most effective threats that targeting cybercriminals to limit network performance is Denial of Service (DOS) attack.  ...  The authors implemented a network traffic detection system that distinguishes DOS attacks from normal traffic based on an adopted dataset.  ... 
arXiv:2002.02368v1 fatcat:jdios5wb3vaqznztbfsgprzsyi

Network Attacks Detection Methods Based on Deep Learning Techniques: A Survey

Yirui Wu, Dabao Wei, Jun Feng
2020 Security and Communication Networks  
On the basis of categorization on deep learning methods, we pay special attention to attack detection methods built on different kinds of architectures, such as autoencoders, generative adversarial network  ...  In this paper, we offer a review on attack detection methods involving strength of deep learning techniques.  ...  Low rate denial of service (LDOS) attacks reduce the performance of network services, and it is difficult to distinguish the attack behavior from the normal traffic. us, a new detection method of LDOS  ... 
doi:10.1155/2020/8872923 fatcat:dr5syy4pdzgktmjrpeyc2njvoe

LSTM-CGAN: Towards Generating Low-rate DDoS Adversarial Samples for Blockchain-based Wireless Network Detection Models

Zengguang Liu, Xiaochun Yin
2021 IEEE Access  
The normal network traffic is stable, while LDDoS network traffic is gusty. When the change range of normal network traffic is abnormal, it can be judged that LDDoS attack occurs at this time.  ...  Thus, we can easily extend LDoS scenarios to LDDoS ones.  ... 
doi:10.1109/access.2021.3056482 fatcat:2yndnv44zfbtjdp2akuebqxnpy

Network anomaly detection for protecting web services from the application layer bandwidth flooding attack

K V Raghavender, Dr P.Premchand
2018 International Journal of Engineering & Technology  
In the interim, the application layer Bandwidth flooding attack (ALBFA) assaults are basic dangers to the Web, especially to those business web servers.  ...  BFADM can detect four types of abnormal traffic described below. 1) Repeated Request application layer DDoS attack: the focus is mostly on one or two resources on a specifically selected website. 2) Recursive  ...  Abnormal traffic detection The unusual movement discovery is the principal period of BFADM.  ... 
doi:10.14419/ijet.v7i2.11154 fatcat:4lx4tbdvyragzbjp2ovpkhrsey
« Previous Showing results 1 — 15 out of 37 results