A new metric for flow-level filtering of low-rate DDoS attacks
Yükleniyor...
Dosyalar
Tarih
2015
Yazarlar
Dergi Başlığı
Dergi ISSN
Cilt Başlığı
Yayıncı
Wiley-Hindawi
Erişim Hakkı
info:eu-repo/semantics/closedAccess
Özet
Low-rate distributed denial-of-service (LDDoS) attacks dramatically reduce transmission control protocol throughput by exploiting the vulnerability in the transmission control protocol congestion control mechanism. The current study proposes a new metric called mean Internet Protocol (IP) packet delay variation (mipdv) to detect LDDoS flows and a filtering method called ipdv-based LDDoS filtering (ILF) using mipdv. Receiving first seven packets from a flow is sufficient to calculate the mipdv metric. Subsequently, mipdv can be recalculated for each received packet. This makes the detection of LDDoS flows possible in a short time (in a few tens of milliseconds in most cases). Ns2 simulations were conducted to evaluate the performance of ILF. Experimental results show that ILF detects LDDoS flows in a very short time with very high accuracy. Copyright (C) 2015 John Wiley & Sons, Ltd.
Açıklama
WOS: 000367922500042
Anahtar Kelimeler
low-rate distributed DoS, TCP, QoS, ipdv, congestion
Kaynak
Security And Communication Networks
WoS Q Değeri
Q3
Scopus Q Değeri
Q2
Cilt
8
Sayı
18
