Abstract

Distributed denial-of-service (DDoS) attacks pose a great threat to data centers, and many defense mechanisms have been proposed to detect them. On one hand, the many services deployed in a data center can easily lead to corresponding DDoS attacks. On the other hand, attackers constantly modify their tools to bypass existing mechanisms, and researchers in turn modify their approaches to handle new attacks. Thus, DDoS attacks against data centers are becoming more and more complex. In this paper, we first analyze the correlation information of flows in the data center. Second, we present an effective detection approach based on CKNN (K-nearest neighbors traffic classification with correlation analysis) to detect DDoS attacks. The approach exploits the correlation information of training data to improve classification accuracy and reduce the overhead caused by the density of training data. To address the huge cost, we also present a grid-based method, named the r-polling method, for reducing the training data involved in the calculation. Finally, we evaluate our approach with Internet traffic and data center traffic traces. Compared with traditional methods, our approach is good at detecting abnormal traffic with high efficiency, low cost and a wide detection range.
