Presentation | 2006-01-20 A DoS/DDoS Attacks Detection Scheme Based on In/Out Traffic Proportion FengXiang Zhang, Shunji ABE, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Denial of Service(DoS)/DDoS(Distribute DoS) attacks become the most prevalent threats against the widely used Internet. The goal of DoS/DDoS attacks is to prevent victim machines or networks from offering service to their legitimate users. Many detecting mechanisms based on traffic statistics properties have been proposed. However most of them are essentially based on unidirectional traffic changes. Thus they might result in serious false alarms when legitimately abrupt changes appear. We have proposed a heuristic detection scheme, which mainly checks the In/Out traffic proportion at the protected node's gateway or the router nearby. In normal cases, this kind of proportion is close to a constant value. By checking the likelihood ratio of the proportion distribution between two adjacent periods, we are able to find anomaly changes. After comprehensively considering the feasibility and practicability, we have constructed an anomaly detecting scheme based on in/out traffic proportion, directly towards the significant targets on Internet. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Denial of service attacks / IP networks / legitimately abrupt change / In/Out traffic proportion / Generalized Likelihood Ratio |
Paper # | IA2005-20 |
Date of Issue |
Conference Information | |
Committee | IA |
---|---|
Conference Date | 2006/1/12(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Internet Architecture(IA) |
---|---|
Language | ENG |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | A DoS/DDoS Attacks Detection Scheme Based on In/Out Traffic Proportion |
Sub Title (in English) | |
Keyword(1) | Denial of service attacks |
Keyword(2) | IP networks |
Keyword(3) | legitimately abrupt change |
Keyword(4) | In/Out traffic proportion |
Keyword(5) | Generalized Likelihood Ratio |
1st Author's Name | FengXiang Zhang |
1st Author's Affiliation | Department of Informatics, Graduate University for Advanced Studies() |
2nd Author's Name | Shunji ABE |
2nd Author's Affiliation | National Institute of Informatics |
Date | 2006-01-20 |
Paper # | IA2005-20 |
Volume (vol) | vol.105 |
Number (no) | 530 |
Page | pp.pp.- |
#Pages | 5 |
Date of Issue |