Title :
User behaviour modelling based DDoS attack detection
Author :
Cepheli, Ozge ; Buyukcorak, Saliha ; Kurt, Gunes Karabulut
Author_Institution :
Telsiz Haberlesme Arastirma Laboratuvari (THAL), Istanbul Teknik Univ., Istanbul, Turkey
Abstract :
Distributed Denial of Service (DDoS) attacks are one of the most important threads in network systems. Due to the distributed nature, DDoS attacks are very hard to detect, while they also have the destructive potential of classical denial of service attacks. In this study, a novel 2-step system is proposed for the detection of DDoS attacks. In the first step an anomaly detection is performed on the destination IP traffic. If an anomaly is detected on the network, the system proceeds into the second step where a decision on every user is made due to the behaviour models. Hence, it is possible to detect attacks in the network that diverges from users´ behavior model.
Keywords :
IP networks; computer network security; human factors; telecommunication traffic; user modelling; DDoS attack detection; anomaly detection; destination IP traffic; distributed denial of service; network system; user behaviour modelling; Adaptation models; Computer crime; Conferences; IP networks; Mathematical model; Signal processing; DDoS; EM; expectation maximization; user modeling;
Conference_Titel :
Signal Processing and Communications Applications Conference (SIU), 2014 22nd
Conference_Location :
Trabzon
DOI :
10.1109/SIU.2014.6830697
