Journal Article Details
Computer Science and Information Systems
Distinguishing Flooding Distributed Denial of Service from Flash Crowds Using Four Data Mining Approaches
Meimei Li¹, Kun Yang², Degang Sun³, Zhixin Shi⁴, Bin Kong⁵
[1] Institute of Information Engineering, Chinese Academy of Sciences; National Secrecy Science and Technology Evaluation Center; School of Computer and Information Technology, Beijing Jiaotong University; School of Cyber Security, University of Chinese Academy of Sciences; School of Economics and Management, Beijing Jiaotong University
Keywords: Flooding DDoS; Flash Crowds; Data Mining; Entropy
DOI: 10.2298/CSIS161230032K
Subject classification: Social sciences, humanities and arts (general)
Source: Computer Science and Information Systems
【 Abstract 】

Flooding Distributed Denial of Service (DDoS) attacks can cause significant damage to the Internet. These attacks have many similarities to Flash Crowds (FCs) and are always difficult to distinguish from them. To address this issue, this paper first divides existing methods into two categories to clarify existing research. Then, after an extensive analysis, a new feature set is derived to profile DDoS and FC. Using this feature set, this paper proposes a new method that employs Data Mining approaches to discriminate between DDoS attacks and FCs. Experiments are conducted to evaluate the proposed method on two real-world datasets. The results demonstrate that the proposed method can achieve a high accuracy (more than 98%). Additionally, compared with a traditional entropy method, the proposed method still demonstrates better performance.

【 License 】

CC BY-NC-ND   
