Fast and lightweight detection and filtering method for low-rate TCP targeted distributed denial of service (LDDoS) attacks
Yükleniyor...
Dosyalar
Tarih
2018
Yazarlar
Dergi Başlığı
Dergi ISSN
Cilt Başlığı
Yayıncı
Wiley
Erişim Hakkı
info:eu-repo/semantics/closedAccess
Özet
Detection and filtering of low-rate distributed denial of service (LDDoS) attacks is hard since their behavior is similar to legitimate users' behavior. In the literature, there are many filtering approaches and metrics for LDDoS attacks. However, most of the LDDoS detection methods in the literature only monitor congestion state. Actually, precongestion period that the attack has already started has valuable information about the attack. In this study, we proposed a method that uses precongestion period for metric calculation. Also, most of LDDoS filtering approaches have high false-positive and false-negative rates and also require long period of time for detection. Additionally, we developed an efficient method for detection and filtering of LDDoS attacks. According to the experimental results, the proposed LDDoS detection method has zero false-positive and false-negative rates under the scenarios; attack detection time is significantly reduced with using the proposed metric calculation approach. Also, the proposed method has a simple logic, and it requires simple calculations. This increases the applicability of the developed method.
Açıklama
WOS: 000450984700011
Anahtar Kelimeler
distributed denial of service attacks, internet of things, lightweight security, network security
Kaynak
International Journal Of Communication Systems
WoS Q Değeri
Q3
Scopus Q Değeri
Q2
Cilt
31
Sayı
18
