Distinguishing Flooding Distributed Denial of Service from Flash Crowds Using Four Data Mining Approaches
Computer Science and Information Systems, Volume 14 (2017) no. 3.

See the article record from the source Computer Science and Information Systems website

Flooding Distributed Denial of Service (DDoS) attacks can cause significant damage to the Internet. These attacks have many similarities to Flash Crowds (FCs), and the two are always difficult to distinguish. To address this issue, this paper first divides existing methods into two categories to clarify existing research. Moreover, after an extensive analysis, a new feature set is derived to profile DDoS and FC. Along with this feature set, this paper proposes a new method that employs Data Mining approaches to discriminate between DDoS attacks and FCs. Experiments are conducted to evaluate the proposed method on two real-world datasets. The results demonstrate that the proposed method can achieve high accuracy (more than 98%). Additionally, compared with a traditional entropy method, the proposed method still demonstrates better performance.
Keywords: Flooding DDoS, Flash Crowds, Data Mining, Entropy
@article{CSIS_2017_14_3_a18,
     author = {Bin Kong and Kun Yang and Degang Sun and Meimei Li and Zhixin Shi},
     title = {Distinguishing {Flooding} {Distributed} {Denial} of {Service} from {Flash} {Crowds} {Using} {Four} {Data} {Mining} {Approaches}},
     journal = {Computer Science and Information Systems},
     publisher = {mathdoc},
     volume = {14},
     number = {3},
     year = {2017},
     url = {http://geodesic.mathdoc.fr/item/CSIS_2017_14_3_a18/}
}
Bin Kong; Kun Yang; Degang Sun; Meimei Li; Zhixin Shi. Distinguishing Flooding Distributed Denial of Service from Flash Crowds Using Four Data Mining Approaches. Computer Science and Information Systems, Volume 14 (2017) no. 3. http://geodesic.mathdoc.fr/item/CSIS_2017_14_3_a18/