Efficient and Secure Statistical DDoS Detection Scheme

Hussein Majed, Hassan Noura, Ola Salman, Mohammad Malli, Ali Chehab

Abstract

One of the hardest challenges in cybersecurity is the detection and prevention of Distributed Denial of Service (DDoS) attacks. In this paper, a lightweight statistical approach for DDoS detection is presented, in addition to preventive and corrective countermeasures. The proposed solution is designed to be applied at the Internet Service Provider (ISP) level. Based on aggregated NetFlow statistics, it relies on the Z-score and covariance measures to detect DDoS traffic as a deviation from normal traffic. The implementation results show a high detection rate (up to 100%) for a 30-second time slot.
