
Authors: Hamza Rahmani; Nabil Sahli and Farouk Kamoun

Affiliation: National School for Computer Sciences, Tunisia

Keyword(s): Distributed denial of service, Probability distribution, Joint probability, Stochastic process, Central limit theorem.

Related Ontology Subjects/Areas/Topics: Information and Systems Security; Intrusion Detection & Prevention

Abstract: The Distributed Denial of Service (DDoS) attack is a critical threat to the Internet, severely degrading its performance. A DDoS attack can be considered a system anomaly or misuse in which abnormal behaviour is imposed on network traffic. Network traffic characterization with behaviour modelling could be a good indication of attack detection, which can be performed via abnormal behaviour identification. In this paper, we will focus on the design and evaluation of the statistically automated attack detection. Our key idea is that, contrary to DDoS traffic, a flash crowd is characterized by a large increase not only in the number of packets but also in the number of IP connexions. The joint probability between the packet arrival process and the number of IP connexions process presents a good estimation of the degree of coherence between these two processes. Statistical distances between an observation time window and a reference time window are computed for joint probability values. We show and illustrate that anomalously large values observed on these distances betray major changes in the statistics of Internet time series and correspond to the occurrences of illegitimate anomalies.

CC BY-NC-ND 4.0

Paper citation in several formats:
Rahmani, H.; Sahli, N. and Kamoun, F. (2009). A TRAFFIC COHERENCE ANALYSIS MODEL FOR DDOS ATTACK DETECTION. In Proceedings of the International Conference on Security and Cryptography (ICETE 2009) - SECRYPT; ISBN 978-989-674-005-4; ISSN 2184-3236, SciTePress, pages 148-154. DOI: 10.5220/0002231901480154

@conference{secrypt09,
author={Hamza Rahmani and Nabil Sahli and Farouk Kamoun},
title={A TRAFFIC COHERENCE ANALYSIS MODEL FOR DDOS ATTACK DETECTION},
booktitle={Proceedings of the International Conference on Security and Cryptography (ICETE 2009) - SECRYPT},
year={2009},
pages={148-154},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002231901480154},
isbn={978-989-674-005-4},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography (ICETE 2009) - SECRYPT
TI - A TRAFFIC COHERENCE ANALYSIS MODEL FOR DDOS ATTACK DETECTION
SN - 978-989-674-005-4
IS - 2184-3236
AU - Rahmani, H.
AU - Sahli, N.
AU - Kamoun, F.
PY - 2009
SP - 148
EP - 154
DO - 10.5220/0002231901480154
PB - SciTePress