Abstract
The main objective of this paper is to detect the Distributed Reflector Denial of Service (DRDoS) attack based on a protocol independent based detection technique. The proposed system applies Enhanced-Random Early Detection (E-RED) algorithm and Application based Network Traffic (ANT) classification method in order to detect and classify the DRDoS attack according to their types. In the experimental analysis, the performance of the proposed system is evaluated by the Transmission Control Protocol (TCP) and Domain Name System (DNS) response packets. It detects the DRDoS attacks with 99% true positives and 1% false positive rates and classifies the types of attacks with 98% classification accuracy. The results and discussions show that the proposed method detects and classifies the highest probability of reflected response traffic as compared to the traditional methods.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Jiang, X., Yang, J., Jin, G., Wei, W.: RED-FT A Scalable Random Early Detection Scheme with Flow Trust against DoS Attacks. IEEE Communication Letters 17, 1–4 (2013)
Ben-Porat, U., Bremler-Barr, A., Levy, H.: Vulnerability of network mechanisms to sophisticated DDoS attacks. IEEE Trans. Comp. 62, 1031–1043 (2013)
Wei, W., Chen, F., Xia, Y., Jin, G.: A Rank Correlation based Detection against Distributed Reflection DoS attacks. IEEE Communication Letters 17, 173–175 (2013)
Thandeeswaran, R., Asha, A., Jeyanthi, N.: Novel Survey on Detection of DDoS Attack Using Traceback Technique in VoIP Networks. Mathematical Archive 2, 2229–5046 (2011)
Beitollahi, H., Deconinck, G.: Analyzing well-known counter measures against Distributed Denial of Service Attacks. Computer Communications 35, 1312–1332 (2012)
Rani, R., Vatsa, A.K.: CARD (Continuous and Random Dropping) based DRDOS Attack Detection and Prevention Techniques in MANET. Engineering and Technology 2, 1449–1456 (2012)
Tsunoda, H., Ohta, K., Yamamoto, A., Ansari, N., Waizumi, Y., Nemoto, Y.: Detecting DRDoS attack by a simple response packet confirmation mechanism. Computer Communications 31, 3299–3306 (2008)
Al-Duwairi, B., Manimaran, G.: Distributed packet pairing for reflector based DDoS attack mitigation. Computer Communications 29, 2269–2280 (2006)
Reeta, M.: Anticipation methods from DRDoS Attack. Computer Science and Information Technology 2, 890–894 (2012)
Larry, E.D., Lars, E.D.: Multiplayer Online games. In: Digital Forensics for Legal Professionals, pp. 301–308 (2012)
Shahabeddin, G., Mahmood, A.: Bloom Filter Applications in network security. Computer Networks 57, 4047–4064 (2013)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
MohanaPriya, P., Akilandeswari, V., Akilarasu, G., Shalinie, S.M. (2014). An Integrated Approach of E-RED and ANT Classification Methods for DRDoS Attacks. In: Mauri, J.L., Thampi, S.M., Rawat, D.B., Jin, D. (eds) Security in Computing and Communications. SSCC 2014. Communications in Computer and Information Science, vol 467. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44966-0_29
Download citation
DOI: https://doi.org/10.1007/978-3-662-44966-0_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44965-3
Online ISBN: 978-3-662-44966-0
eBook Packages: Computer ScienceComputer Science (R0)