Fast and lightweight detection and filtering method for low-rate TCP targeted distributed denial of service (LDDoS) attacks
Loading...
Files
Date
2018
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Wiley
Access Rights
info:eu-repo/semantics/closedAccess
Abstract
Detection and filtering of low-rate distributed denial of service (LDDoS) attacks is hard since their behavior is similar to legitimate users' behavior. In the literature, there are many filtering approaches and metrics for LDDoS attacks. However, most of the LDDoS detection methods in the literature only monitor congestion state. Actually, precongestion period that the attack has already started has valuable information about the attack. In this study, we proposed a method that uses precongestion period for metric calculation. Also, most of LDDoS filtering approaches have high false-positive and false-negative rates and also require long period of time for detection. Additionally, we developed an efficient method for detection and filtering of LDDoS attacks. According to the experimental results, the proposed LDDoS detection method has zero false-positive and false-negative rates under the scenarios; attack detection time is significantly reduced with using the proposed metric calculation approach. Also, the proposed method has a simple logic, and it requires simple calculations. This increases the applicability of the developed method.
Description
WOS: 000450984700011
Keywords
distributed denial of service attacks, internet of things, lightweight security, network security
Journal or Series
International Journal Of Communication Systems
WoS Q Value
Q3
Scopus Q Value
Q2
Volume
31
Issue
18
