General Information
    • ISSN: 1793-8201 (Print), 2972-4511 (Online)
    • Abbreviated Title: Int. J. Comput. Theory Eng.
    • Frequency: Quarterly
    • DOI: 10.7763/IJCTE
    • Editor-in-Chief: Prof. Mehmet Sahinoglu
    • Associate Editor-in-Chief: Assoc. Prof. Alberto Arteta, Assoc. Prof. Engin Maşazade
    • Managing Editor: Ms. Mia Hu
    • Abstracting/Indexing: Scopus (Since 2022), INSPEC (IET), CNKI,  Google Scholar, EBSCO, etc.
    • Average Days from Submission to Acceptance: 192 days
    • E-mail: ijcte@iacsitp.com
    • Journal Metrics:

Editor-in-chief
Prof. Mehmet Sahinoglu
Computer Science Department, Troy University, USA
I'm happy to take on the position of editor in chief of IJCTE. We encourage authors to submit papers concerning any branch of computer theory and engineering.

HOME > Archive > 2009 > Volume 1, Number 1 (Apr. 2009) >
IJCTE 2009 Vol.1(1): 71-80 ISSN: 1793-8201
DOI: 10.7763/IJCTE.2009.V1.12

Dynamic and Auto Responsive Solution for Distributed Denial-of-Service Attacks Detectionin ISP Network

B. B. Gupta, R. C. Joshi and Manoj Misra

Abstract—Denial of service (DoS) attacks and more particularly the distributed ones (DDoS) are one of the lates tthreat and pose a grave danger to users, organizations and infrastructures of the Internet. Several schemes have been proposed on how to detect some of these attacks, but they suffer from a range of problems, some of them being impractical and others not being effective against these attacks. This paper reports the design principles and evaluation results of our proposed framework that autonomously detects and accurately characterizes a wide range of flooding DDoS attacks in ISP network. Attacks are detected by the constant monitoring of propagation of abrupt traffic changes inside ISP network. For this, a newly designed flow-volume based approach (FVBA) is used to construct profile of the traffic normally seen in the network, and identify anomalies whenever traffic goes out of profile. Consideration of varying tolerance factors make proposed detection system scalable to the varying network conditions and attack loads in real time. Six-sigma method is used to identify threshold values accurately for malicious flows characterization. FVBA has been extensively evaluated in a controlled test-bed environment. Detection thresholds and efficiency is justified using receiver operating characteristics(ROC) curve. For validation, KDD 99, a publicly available bench mark dataset is used. The results show that our proposed system gives a drastic improvement in terms of detection and false alarm rate.

Index Terms—Distributed Denial of Service Attacks, False Positives, False Negatives, ISP Network, Network Security

B. B. Gupta is with the Department of Electronics & Computer Engg., Indian Institute of Technology, Roorkee, 247667 India. (phone:+91-9927713132).
R. C. Joshi is with the Department of Electronics & Computer Engg., Indian Institute of Technology, Roorkee, 247667 India.
Manoj Misra is with the Department of Electronics & Computer Engg., Indian Institute of Technology, Roorkee, 247667 India.

[PDF]

Cite: B. B. Gupta, R. C. Joshi and Manoj Misra, "Dynamic and Auto Responsive Solution for Distributed Denial-of-Service Attacks Detection in ISP Network," International Journal of Computer Theory and Engineering vol. 1, no. 1, pp. 71-80, 2009.

PREVIOUS PAPER
Location Updating Strategies in Moving Object Databases
NEXT PAPER
Velocity Control of DC Motor Based Intelligent Methods and Optimal Integral State Feed Back Controller


Copyright © 2008-2024. International Association of Computer Science and Information Technology. All rights reserved.