Journal
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS
Volume 55, Issue -, Pages -
Publisher
ELSEVIER
DOI: 10.1016/j.jisa.2020.102621
Keywords
DDoS attack; Entropy; GARCH model; ARMA model
DDoS is becoming one of the most powerful and dangerous cyber-attacks. Tremendous research effort has already gone into the detection of DDoS attacks. Entropy is a statistical measure used for attack detection. This work studies variation in the distribution of network traffic features. The network traffic parameters used for DDoS detection include the destination port, protocol, source IP and destination IP. The entropy of the traffic features is passed through time series models so as to avoid prediction errors. This work uses a nonlinear model called the GARCH model (Generalised ARMA model) to improve detection efficiency, as it is more suitable for long-range, non-stationary data series like network traffic. This work focuses on efficient detection of low- and high-rate DDoS attacks based on network traffic entropy and time series models with a dynamic threshold algorithm. A stochastic gradient algorithm with a dynamic threshold is used to detect DDoS. The experimental results show a higher detection rate and a lower false positive rate.