Abstract

This paper considers the problem of substantiating information security decisions through estimates of the complexity of detecting individual types of DDoS attacks. Each estimate is a quantitative measure of a particular attack type relative to normal network traffic data, computed in that attack type's own feature space. This own space is represented by a set of informative features. To assess the complexity of detecting types of DDoS attacks, a measure of compactness by latent features on the numerical axis was used. The values of this measure were calculated as the product of intraclass similarity and interclass difference. It is shown that compactness in terms of latent features is higher in the own space than in the entire space. The values of the latent features were calculated using the method of generalized estimates. According to this method, objects of normal traffic and objects of a specific attack type are treated as being in opposition to each other. An informative feature set is the result of an algorithm that uses the rules of hierarchical agglomerative grouping. At the first step, the feature with the maximum weight value is included in the set. The grouping rules use the property that features are invariant to the scales of their measurement. An analysis of detection complexity is given for 12 types of DDoS attacks. The cardinality of the informative feature sets ranged from 3 to 16.
