Abstract
Distributed Denial of Service (DDoS) attacks are still among the top cyber threats against online servers. One efficient way to defend against such threats is through adaptive threshold models, which can tune defense mechanisms according to network conditions and setup. However, the main challenge of such models is threshold selection, which has a direct impact on detection accuracy and hence protection insurance. In this paper, we propose a new model to compute an adaptive threshold via distributed energy wavelet decomposition. Our model leverages a consensus protocol to solve the single point of failure problem. The empirical evaluation, which is based on real DDoS attack traces, demonstrates that the proposed model is indeed capable of detecting DDoS threats accurately and in real time.
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Ouerfelli, F.E., Barbaria, K., Zouari, B., Fachkha, C. (2020). Multi-scale Adaptive Threshold for DDoS Detection. In: Kallel, S., Cuppens, F., Cuppens-Boulahia, N., Hadj Kacem, A. (eds) Risks and Security of Internet and Systems. CRiSIS 2019. Lecture Notes in Computer Science, vol 12026. Springer, Cham. https://doi.org/10.1007/978-3-030-41568-6_22
DOI: https://doi.org/10.1007/978-3-030-41568-6_22
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-41567-9
Online ISBN: 978-3-030-41568-6
eBook Packages: Computer Science (R0)