Low rate DDoS mitigation using real-time multi threshold traffic monitoring system

Abstract

The low rate distributed denial of service (DDoS) attack has been identified as most vulnerable to the network services which has been studied recently. The approaches consider only the high rate DoS attacks and ignore rest in low rate. The existing techniques suffer with poor detection of low rate attacks as they consider only limited features of network traffic. Variety of techniques mitigate such threats using different parameters like amount of data in service packet as payload, number of intermediate nodes, and so on. The previous techniques struggle to detect and mitigate them in efficient way. Towards improving the detection and mitigation performance of low rate threats, the author presents a novel real time traffic monitoring algorithm which uses multi threshold traffic analysis. By considering the payload, hop count, latency, packet counts, the method analyzes the real time traffic. Using the features obtained from the traffic, the method computes the low rate threat measure. Based on computed threat measure, the packets trustworthy have been validated. The method produces higher detection rate in low rate DDoS attack detection and produces efficient results.