SVM Approach with CTNT to Detect DDoS Attacks in Grid Computing

  • Conference paper
Grid and Cooperative Computing - GCC 2005 (GCC 2005)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 3795)

Abstract

In the last several years, DDoS attack methods have become more sophisticated and effective, which makes DDoS attacks more difficult to detect. To cope with these problems, there has been much research on DDoS detection mechanisms. However, the common shortcoming of the previous detection mechanisms is that they cannot detect new attacks. In this paper, we propose a new DDoS detection model based on Support Vector Machine (SVM). The proposed model uses SVM to automatically detect new DDoS attacks and uses Concentration Tendency of Network Traffic (CTNT) to analyze the characteristics of network traffic for DDoS attacks. Experimental results show that the proposed model can be highly useful for detecting various DDoS attacks.

This work was supported by the Ministry of Information Communication, Korea, under the Information Technology Research Center Support Program supervised by the IITA.



Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Seo, J., Lee, C., Shon, T., Moon, J. (2005). SVM Approach with CTNT to Detect DDoS Attacks in Grid Computing. In: Zhuge, H., Fox, G.C. (eds) Grid and Cooperative Computing - GCC 2005. GCC 2005. Lecture Notes in Computer Science, vol 3795. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11590354_7

  • DOI: https://doi.org/10.1007/11590354_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30510-1

  • Online ISBN: 978-3-540-32277-1

  • eBook Packages: Computer Science, Computer Science (R0)
