Abstract

A Hybrid Approach Combining Rule-Based and Anomaly-Based Detection Against DDoS Attacks

Highlights

  • Distributed Denial of Service (DDoS) attacks have become a serious threat to network security, having significantly damaged network infrastructure as well as Internet services

  • We mainly focus on network/transport-level flooding attacks to simplify the experiment

  • We have proposed a novel rule-based DDoS detection scheme combined with an ANOVA test, in which three types of system resource usage are examined


Summary

INTRODUCTION

Distributed Denial of Service (DDoS) attacks have become a serious threat to network security, having significantly damaged network infrastructure as well as Internet services. A flooding attack generates a large volume of attack traffic, service requests and connections, consuming a large amount of the victim's resources, such as CPU, bandwidth and internal memory. Rather than alerting whenever some exceptional traffic pattern is observed, anomaly-based detection is capable of discerning between attack traffic and normal traffic. This type of detection is more powerful, but more difficult to implement. For the rule-based part of the detection, we set up three criteria for incoming traffic: throughput, CPU utilization and memory utilization.

Detection
EXPERIMENTS AND EVALUATION
Comparison of resource utilization for normal traffic and attack traffic
The minimum cost to detect the attack traffic
Correction of detection result
Findings
CONCLUSIONS