• DocumentCode
    2398385
  • Title

    LD2: A system for lightweight detection of denial-of-service attacks

  • Author

    Pukkawanna, Sirikarn ; Pongpaibool, Panita ; Visoottiviseth, Vasaka

  • Author_Institution
    Nat. Electron. & Comput. Technol. Center, Pathumthani
  • fYear
    2008
  • fDate
    16-19 Nov. 2008
  • Firstpage
    1
  • Lastpage
    7
  • Abstract
    This paper proposes a system for lightweight detection of DoS attacks, called LD2. Our system detects attack activities by observing flow behaviors and matching them with graphlets for each attack type. The proposed system is lightweight because it analyzes neither packet content nor packet statistics. We benchmark the performance of LD2, in terms of detection accuracy and complexity, against Snort, a popular open-source IDS software. Our evaluations focus on six types of DoS attacks, namely SYN flood, UDP flood, ICMP flood, Smurf, port scan, and host scan. Results show that LD2 can accurately identify all occurrences and all hosts associated with attack activities. Although LD2 uses more CPU cycles than Snort, it consumes much less memory than Snort.
  • Keywords
    Internet; security of data; telecommunication services; DoS attacks; ICMP flood; LD2; SYN flood; Smurf; Snort; UDP flood; denial-of-service attacks; open-source IDS software; Bandwidth; Computer crime; Floods; Intrusion detection; Monitoring; Open source software; Software performance; Statistical analysis; Telecommunication traffic; Web and internet services;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Military Communications Conference, 2008. MILCOM 2008. IEEE
  • Conference_Location
    San Diego, CA
  • Print_ISBN
    978-1-4244-2676-8
  • Electronic_ISBN
    978-1-4244-2677-5
  • Type

    conf

  • DOI
    10.1109/MILCOM.2008.4753369
  • Filename
    4753369