Statistical Approaches to DDoS Attack Detection and Response

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Laura Feinstein Articles by Dan Schnackenberg Articles by Ravindra Balupari Articles by Darrell Kindred

DARPA Information Survivability Conference and Exposition - Volume I

Washington, DC

April 22-April 24

ISBN: 0-7695-1897-4

	ASCII Text	x
	Laura Feinstein, Dan Schnackenberg, Ravindra Balupari, Darrell Kindred, "Statistical Approaches to DDoS Attack Detection and Response," DARPA Information Survivability Conference and Exposition,, vol. 1, pp. 303, DARPA Information Survivability Conference and Exposition - Volume I, 2003.

	BibTex	x
	@article{ 10.1109/DISCEX.2003.1194894, author = {Laura Feinstein and Dan Schnackenberg and Ravindra Balupari and Darrell Kindred}, title = {Statistical Approaches to DDoS Attack Detection and Response}, journal ={DARPA Information Survivability Conference and Exposition,}, volume = {1}, year = {2003}, issn = {2003102155}, pages = {303}, doi = {http://doi.ieeecomputersociety.org/10.1109/DISCEX.2003.1194894}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - DARPA Information Survivability Conference and Exposition, TI - Statistical Approaches to DDoS Attack Detection and Response SN - 2003102155 SP EP A1 - Laura Feinstein, A1 - Dan Schnackenberg, A1 - Ravindra Balupari, A1 - Darrell Kindred, PY - 2003 KW - null VL - 1 JA - DARPA Information Survivability Conference and Exposition, ER -

Laura Feinstein, The Boeing Company

Dan Schnackenberg, The Boeing Company

Ravindra Balupari, Network Associates Laboratories

Darrell Kindred, Network Associates Laboratories

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/DISCEX.2003.1194894

The nature of the threats posed by Distributed Denial of Service (DDoS) attacks on large networks, such as the Internet, demands effective detection and response methods. These methods must be deployed not only at the edge but also at the core of the network. This paper presents methods to identify DDoS attacks by computing entropy and frequency-sorted distributions of selected packet attributes. The DDoS attacks show anomalies in the characteristics of the selected packet attributes. The detection accuracy and performance are analyzed using live traffic traces from a variety of network environments ranging from points in the core of the Internet to those inside an edge network. The results indicate that these methods can be effective against current attacks and suggest directions for improving detection of more stealthy attacks. We also describe our detection-response prototype and how the detectors can be extended to make effective response decisions.

Citation:

Laura Feinstein, Dan Schnackenberg, Ravindra Balupari, Darrell Kindred, "Statistical Approaches to DDoS Attack Detection and Response," discex, vol. 1, pp.303, DARPA Information Survivability Conference and Exposition - Volume I, 2003

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.