Title :
DDoS detection based on feature space modeling
Author :
Jin, Shu-Yuan ; Yeung, Daniel S.
Author_Institution :
Dept. of Comput., Hong Kong Polytech. Univ., Kowloon, China
Abstract :
This work tries to use a feature space modeling methodology to identify DDoS attacks. Compared with the existing approaches, the proposed feature space presents a more general model in DDoS detection. It changes the non-separable attacks into separable cases and more importantly, it also allows the unknown attacks potentially being identified by their own features. To validate these claims, a classification algorithm is defined under this feature space. We use a subset in KDD Cup 1999 data in the experiments. The KDD Cup 1999 training dataset contains 6 different types of DDoS attacks and the testing dataset contains more 4 novel DDoS attacks. In detecting these 6 already known DDoS attacks and 4 novel DDoS attacks from the normal, we get a high detection rate under this feature space by using the proposed classification algorithm, which shows the discriminative abilities of the feature space.
Keywords :
computer networks; covariance matrices; security of data; telecommunication security; KDD Cup training dataset; classification algorithm; covariance matrices; distributed denial of service attack identification; distributed denial of service detection; feature space modeling; Classification algorithms; Computer crime; Computer networks; Computer vision; Frequency; Intrusion detection; PROM; Performance analysis; Space exploration; Throughput;
Conference_Titel :
Machine Learning and Cybernetics, 2004. Proceedings of 2004 International Conference on
Print_ISBN :
0-7803-8403-2
DOI :
10.1109/ICMLC.2004.1384578
