• DocumentCode
    1806370
  • Title

    Detecting DoS and DDoS Attacks Using Chi-Square

  • Author

    Leu, Fang-Yie ; Pai, Chia-Chi

  • Author_Institution
    Dept. of Comput. Sci., Tunghai Univ., Taiwan
  • Volume
    2
  • fYear
    2009
  • fDate
    18-20 Aug. 2009
  • Firstpage
    255
  • Lastpage
    258
  • Abstract
    In this paper, we propose an agent_based distributed intrusion detection architecture, which detects DoS/DDoS attacks by comparing source IP addresses´ normal and current connection frequencies. First, we collect source IPs´ packet statistics to obtain their normal packet distribution. When current statistics suddenly increase, very often it is an attack. Experimental results show that this approach can effectively detect DoS/DDoS attacks.
  • Keywords
    IP networks; mobile agents; normal distribution; security of data; statistical analysis; telecommunication computing; telecommunication security; DDoS attack detection; IP address; IP packet statistics; agent_based distributed intrusion detection architecture; chi-square; normal packet distribution; Acquired immune deficiency syndrome; Computer crime; Data analysis; Intrusion detection; Mobile agents; Monitoring; Packet switching; Protection; Statistical distributions; Switches; Chi-square; DDoS; DoS; Intrusion Detection System; Mobile agent;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Assurance and Security, 2009. IAS '09. Fifth International Conference on
  • Conference_Location
    Xian
  • Print_ISBN
    978-0-7695-3744-3
  • Type

    conf

  • DOI
    10.1109/IAS.2009.292
  • Filename
    5283372
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1806370