標題: DDoS Detection and Traceback with Decision Tree and Grey Relational Analysis
作者: Wu, Yi-Chi
Tseng, Huei-Ru
Yang, Wuu
Jan, Rong-Hong
資訊工程學系
Department of Computer Science
公開日期: 2009
摘要: As modern life becomes increasingly closely bound to the Internet, network security becomes increasingly important. Like it or not, we all live under the shadow of network threats. The threats could cause leakage of privacy and/or economic loss. Among network attacks, the DDoS (distributed denial-of-service) attack is one of the most frequent and serious. In a DDoS attack, an attacker first breaks into many innocent computers (called zombies) by taking advantages of known or unknown bugs and vulnerabilities in the software. Then the attacker sends a large number of packets from these already-captured zombies to a server These packets either occupy a major portion of the server's network bandwidth or they consume much of the server's time. The server is then prevented from conducting normal business operations. In order to mitigate the DDoS threat, we design a system to detect DDoS attacks based on a decision-tree technique and, after detecting an attack, to trace back to the approximate locations of the attacker with a traffic-flow pattern-matching technique. We conduct our experiment on the DETER system. According to our experiment results, our system could detect the DDoS attack with the false positive ratio about 1.2% - 2.4%, false negative ratio about 2% - 10% with different kind of attack, attack sending rate and find the attack path in traceback with the false negative rate 8% - 12% and false positive rate 12% - 14%.(1)
URI: http://hdl.handle.net/11536/14433
http://dx.doi.org/10.1109/MUE.2009.60
ISBN: 978-0-7695-3658-3
DOI: 10.1109/MUE.2009.60
期刊: THIRD INTERNATIONAL CONFERENCE ON MULTIMEDIA AND UBIQUITOUS ENGINEERING (MUE 2009)
起始頁: 306
結束頁: 314
顯示於類別:會議論文


文件中的檔案:

  1. 000290918300052.pdf

若為 zip 檔案,請下載檔案解壓縮後,用瀏覽器開啟資料夾中的 index.html 瀏覽全文。