Abstract
Cyber attacks are the most threatening factor in today's digital world, and they virtually double year by year. In February 2016, the central bank of Bangladesh was attacked by hackers through 35 illegal transactions, five of which resulted in a loss of $81 million. However, the bank saved $850 million by reviewing the remaining thirty transactions. Later, Amazon.com was attacked by hackers, which resulted in the leakage of 80,000 login credentials. The Distributed Denial of Service (DDoS) attack is one of the common forms of cyber attack; such attacks have grown in size and have become sophisticated, dangerous and hard to detect. Tracing the source IP address of such an attack enables us to control Internet crimes. In this work, a statistical approach based on metrics is presented to find the source of the attack. Six sigma approaches are used to set the threshold value based on which attack sources are predicted.
Acknowledgment
The first author is thankful to the management of Kalasalingam University for providing fellowship.
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Subburaj, T., Suthendran, K., Arumugam, S. (2017). Statistical Approach to Trace the Source of Attack Based on the Variability in Data Flows. In: Arumugam, S., Bagga, J., Beineke, L., Panda, B. (eds) Theoretical Computer Science and Discrete Mathematics. ICTCSDM 2016. Lecture Notes in Computer Science, vol 10398. Springer, Cham. https://doi.org/10.1007/978-3-319-64419-6_50
DOI: https://doi.org/10.1007/978-3-319-64419-6_50
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-64418-9
Online ISBN: 978-3-319-64419-6
eBook Packages: Computer Science, Computer Science (R0)