Skip to main content
SpringerLink
Log in

A Novel DDoS Attack Detecting Algorithm Based on the Continuous Wavelet Transform

  • Conference paper
Content Computing (AWCC 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3309))

Included in the following conference series:

Abstract

Distributed denial-of-service(DDoS) attacks have recently emerged as a major threat to the security and stability of the Internet. As we know, traffic bursts always go with DDoS attacks. Detecting the network traffic bursts accurately in real-time can catch such attacks as quickly as possible. In this paper, we categorize the traffic bursts into three kinds: Single-point-burst, Short-flat-burst and Long-flat-burst, and propose a network traffic burst detecting algorithm (BDA-CWT) based on the continuous wavelet transform. In this algorithm, we use a slip window to analyze the traffic data uninterruptedly to detect the Short-flat-burst or the Long-flat-burst, which always represents DDoS attacks. Our experiment has demonstrated that the proposed detection algorithm is responsive and effective in curbing DDoS attacks, in contrast with the discrete wavelet transform and traditional methods (N-point-average and gradient).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Yaar, A., Perrig, A., Song, D.: Pi: a path identification mechanism to defend against DDoS attacks. In: Proceedings of the 2003 Symposium on Security and Privacy, May 11-14, pp. 93–107 (2003)

    Google Scholar 

  2. http://www.netscan.org/Guiding_Against_DDoS

  3. Yaar, A., Perrig, A., Song, D.: Pi: a path identification mechanism to defend against DDoS attacks. In: Proceedings of the 2003 Symposium on Security and Privacy, May 11-14, pp. 93–107 (2003)

    Google Scholar 

  4. Feinstein, L., Schnackenberg, D., Balupari, R., Kindred, D.: Statistical approaches to ddos attack detection and response. In: Proceedings of the DARPA Information Survivability Conference and Exposition, April 22-24, 2003. Scalable DDoS Protection Using Route-Based Filtering, vol. 1, pp. 303–314 (2003)

    Google Scholar 

  5. Park, K.: Scalable DDoS protection using route-based filtering. In: Proceedings of the DARPA Information Survivability Conference and Exposition, April 22-24, vol. 2, p. 97 (2003)

    Google Scholar 

  6. Yoohwan, K., Ju-Yeon, J., Chao, H.J., Merat, F.: High-speed router filter for blocking TCP flooding under DDoS attack. In: Proceedings of the 2003 IEEE International Conference on Performance, Computing, and Communications, April 9-11, pp. 183–190 (2003)

    Google Scholar 

  7. CERT Coordination Center. Internet Denial of Service Attacks and the Federal Response (February 2000), http://www.cert.org/congressional_testimony/Fithen_testimony_Feb29.html

  8. Grossmann, A.: Wavelet transform and edge detection, Stochastics processes in physics and engineering, Hazeaingke Meds. Dorecht, Reidel (1986)

    Google Scholar 

  9. Mallat, S., Hwang, W.L.: Singularity Detection and Processing with Wavelets. IEEE Transactions on Information Theory 38(2) (March 1992)

    Google Scholar 

  10. Mallat, S.: Zero-crossing of wavelet transform. IEEE Trans. on Information Theory 37(4), 1019–1033 (1997)

    Article  MathSciNet  Google Scholar 

  11. Mallat, S., Zhong, S.F.: Characterization of signals from multiscale edges. IEEE Trans. on Pattern Analysis and Machine Intelligence 14(u), 710–732 (1992)

    Article  Google Scholar 

  12. Mallat, S., refs. Within: A Theory for Multiresolution Signal Decomposition: the Wavelet Representation. IEEE Trans. on Pattern Anal. and Mach. Intell. 11, 674–693 (1989)

    Article  MATH  Google Scholar 

  13. Garcia, R.C., Sadiku, M.N.O., Cannady, J.D.: WAID: wavelet analysis intrusion detection, Circuits and Systems. In: The 2002 45th Midwest Symposium on MWSCAS 2002, August 4-7, vol. 3, pp. III-688 - III-691 (2002)

    Google Scholar 

  14. Nash, D.A., Ragsdale, D.J.: Simulation of self-similarity in network utilization patterns as a precursor to automated testing of intrusion detection systems. IEEE Transactions on Systems, Man and Cybernetics, Part A 31(4), 327–331 (2001)

    Article  Google Scholar 

  15. Grossmann, A., Morlet, J.: Decomposition of Hardy functions into square integrable wavelets of constant shape. SIAM J. Math. 15, 723–736 (1984)

    Article  MATH  MathSciNet  Google Scholar 

  16. Oppenheim, A.V., Sehafer, R.W.: Digital Signal Processing. Prentice-Hall, Englewood Cliffs (1975)

    MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Computer Science and Technology, Xi’an Jiaotong University, 710049, Xi’an, P.R. China

    Xinyu Yang, Yong Liu, Ming Zeng & Yi Shi

Authors
  1. Xinyu Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yong Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ming Zeng
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yi Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Software, Tsinghua University,  

    Chi-Hung Chi

  2. School of Software, Tsinghua University, Beijing, PR China

    Kwok-Yan Lam

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yang, X., Liu, Y., Zeng, M., Shi, Y. (2004). A Novel DDoS Attack Detecting Algorithm Based on the Continuous Wavelet Transform. In: Chi, CH., Lam, KY. (eds) Content Computing. AWCC 2004. Lecture Notes in Computer Science, vol 3309. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30483-8_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30483-8_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23898-0

  • Online ISBN: 978-3-540-30483-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation