Summary
In this paper we focus on DDoS attacks detection by means of greedy algorithms. In particular we propose to use Matching Pursuit and Orthogonal Matching Pursuit algorithms. The major contribution of the paper is the proposition of 1D KSVD algorithm as well as its tree based structure representation (clusters), that can be successfully applied to DDos attacks and network anomaly detection.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Mirkovic, J., Reiher, P.: A Taxonomy of DDoS Attack and DDoS Defense Mechanisms. In: ACM SIGCOMM CCR (2004)
Champagne, D., Lee, R.B.: Scope of DDoS Countermeasures: Taxonomy of Proposed Solutions and Design Goals for Real-World Deployment. In: 8th International Symposium on Systems and Information Security, SSI 2006 (2006)
Bin, X., Wei, C.: Y. He: A Novel approach to detecting DDoS attacks at an early Stage. Springer Science + Business Media LLC (2006)
Teodoro, P.G., Verdejo, J.D., Fernandez, G.M., Vazquez, E.: Anomaly-based network intrusion detection: Techniques, systems and challenges. Computer and Security 28(1-2), 18–28 (2008)
Troop, J.A.: Greed is Good: Algorithmic Results for Sparse Approximation. IEEE Transactions on Information Theory, 50(10) (2004)
Mallat, S.G., Zhang, Z.: Matching Pursuit with time-frequency dictionaries. IEEE Transactions on Signal Processing 41(12), 3397–3415 (1993)
Davis, G., Mallat, S., Avellaneda, M.: Adaptive greedy approximations. Journal of Constructive Approximations 13, 57–98 (1987)
Gilbert, A., Muthukrishnam, S., Strauss, M.J.: Approximation of functions over redundant dictionaries using coherence. In: 14th ACM-SIAM Symposium on Discrete Algorithms (2003)
Natarajan, B.K.: Sparse approximate solutions to linear systems. SIAM Journal of Computation 24, 227–234 (1995)
Pati, Y.C., Rezaiifar, R., Krishnaprasad, P.S.: Orthogonal matching pursuit: recursive function approximation with applications to wavelet decomposition. In: Asilomar Conference on Signals, Systems and Computers, vol. 1, pp. 40–44 (1993)
Aharon, M., Elad, M., Bruckstein, A.: K-SVD. An algorithm for designing overcomplete dictionaries for sparse representations. IEEE Trans. on Signal Processing 54, 4311–4322 (2006)
Jost, P., Vandergheynst, P., Frossard, P.: Tree-Based Pursuit: Algorithm and Properties. In: Swiss Federal Institute of Technology Lausanne (EPFL), Signal Processing Institute Technical Report, TR-ITS-2005.013 (2005)
Choraś, M., Saganowski, Ł., Renk, R., Hołubowicz, W.: Statistical and signal-based network traffic recognition for anomaly detection. Expert Systems: The Journal of Knowledge Engineering (2011), doi:10.1111/j.1468-0394.2010.00576.x
WIDE Project: MAWI Working Group Traffic Archive, http://tracer.csl.sony.co.jp/mawi/
The CAIDA Dataset (2006-2009), http://www.caida.org/data
Defense Advanced Research Projects Agency DARPA Intrusion Detection Evaluation Data Set, http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/index.html
DeLooze, L.: Attack Characterization and Intrusion Detection using an Ensemble of Self-Organizing Maps. In: IEEE Workshop on Information Assurance United States Military Academy, West Point, New York, pp. 108–115 (2006)
Lakhina, A., Crovella, M., Diot, C.H.: Characterization of network-wide anomalies in traffic flows. In: Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement, pp. 201–206 (2004)
Wei, L., Ghorbani, A.: Network Anomaly Detection Based on Wavelet Analysis. EURASIP Journal on Advances in Signal Processing 2009, Article ID 837601, 16 pages (2009) doi:10.1155/2009/837601
Dainotti, A., Pescape, A., Ventre, G.: Wavelet-based Detection of DoS Attacks. In: IEEE GLOBECOM, San Francisco, CA, USA (November 2006)
Coppolino, L., D’Antonio, S., Esposito, M., Romano, L.: Exploiting diversity and correlation to improve the performance of intrusion detection systems. In: Proc. of IFIP/IEEE International Conference on Network and Service (2009)
Saganowski, Ł., Choraś, M., Renk, R., Hołubowicz, W.: A Novel Signal-Based Approach to Anomaly Detection in IDS Systems. In: Kolehmainen, M., Toivanen, P., Beliczynski, B. (eds.) ICANNGA 2009. LNCS, vol. 5495, pp. 527–536. Springer, Heidelberg (2009)
Gabor, D.: Theory of communication. Journals Electrical Enginners 93, 429–457 (1946)
Goodwin, M.: Adaptive Signal Models: Theory, Algorithms, and Audio Algorithms. Kluwer, Boston (1998)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Andrysiak, T., Saganowski, Ł., Choraś, M. (2013). DDoS Attacks Detection by Means of Greedy Algorithms. In: Choraś, R. (eds) Image Processing and Communications Challenges 4. Advances in Intelligent Systems and Computing, vol 184. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32384-3_36
Download citation
DOI: https://doi.org/10.1007/978-3-642-32384-3_36
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32383-6
Online ISBN: 978-3-642-32384-3
eBook Packages: EngineeringEngineering (R0)