• DocumentCode
    2310096
  • Title

    A Novel Embedded Accelerator for Online Detection of Shrew DDoS Attacks

  • Author

    Chen, Hao ; Chen, Yu

  • Author_Institution
    State Univ. of New York - Binghamton, Binghamton, NY
  • fYear
    2008
  • fDate
    12-14 June 2008
  • Firstpage
    365
  • Lastpage
    372
  • Abstract
    As one type of stealthy and hard-to-detect attack, low-rate TCP-targeted DDoS attack can seriously throttle the throughput of normal TCP flows for a long time without being noticed. The Power Spectral Density (PSD) analysis in frequency domain can detect this type of attack accurately. However, computational complexity of PSD analysis makes it impossible for software implementation at high speed network. Taking advantages of powerful computing capability and software-like flexibility, an embedded accelerator using FPGA for PSD analysis has been proposed. Optimized design in autocorrelation calculation algorithm and DFT processing distinguishes our scheme more meaningful for high speed real-time processing with limited resources. Simulation verifies that even working at very low system clock frequency, our design can still provide quality-service for malicious detection in multi-gigabyte rate network.
  • Keywords
    discrete Fourier transforms; field programmable gate arrays; frequency-domain analysis; security of data; DFT processing; FPGA; TCP flows; autocorrelation calculation algorithm; computational complexity; distributed denial-of-service attacks; embedded accelerator; hard-to-detect attack; high speed real-time processing; malicious detection; multigigabyte rate network; online detection; power spectral density analysis; shrew DDoS attacks; software implementation; software-like flexibility; stealthy attack; Algorithm design and analysis; Computational complexity; Computer crime; Design optimization; Embedded computing; Field programmable gate arrays; Frequency domain analysis; High-speed networks; Spectral analysis; Throughput; DDoS Attacks; Embedded Accelerator; Network Security; Reconfigurable Hardware;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Networking, Architecture, and Storage, 2008. NAS '08. International Conference on
  • Conference_Location
    Chongqing
  • Print_ISBN
    978-0-7695-3187-8
  • Type

    conf

  • DOI
    10.1109/NAS.2008.13
  • Filename
    4579615
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2310096