Title :
A Bidirectional-Based DDoS Detection Mechanism
Author :
Liu, Chao ; Zhang, Shunyi
Author_Institution :
Nanjing Univ. of Posts & Telecommun., Nanjing, China
Abstract :
With the rapid development of network, a variety of abnormal flow including the most popular DDoS attacks appear in the network, these abnormal flow greatly limit the Internet providing normal bandwidth services to the normal users. It is difficult to correctly distinguish the legitimate burst flow and the DDoS attacks by using the unilateral flow to analyze and detect the anomaly flow, so we propose a bidirectional-based DDoS detection mechanism. The detection mechanism put forward a state model which includes eight kinds of nodes by analyzing the input and output flow of the network nodes and the relationship between the input and output flow. Through the further analysis of the state model, we can distinguish the abnormal flow and the legitimate burst flow. The detection mechanism plays a timely role in early warning and prevention. The simulation results show that the bidirectional-based DDoS detection mechanism is effective and feasible.
Keywords :
Internet; security of data; Internet; anomaly detection; bidirectional flow; bidirectional-based DDoS detection mechanism; normal bandwidth services; Bandwidth; Chaos; Computer crime; Computerized monitoring; Electronic mail; IP networks; Network servers; Telecommunication traffic; Transport protocols; Web and internet services;
Conference_Titel :
Wireless Communications, Networking and Mobile Computing, 2009. WiCom '09. 5th International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-3692-7
Electronic_ISBN :
978-1-4244-3693-4
DOI :
10.1109/WICOM.2009.5302259
