Title :
Visual Analytics Model for Intrusion Detection in Flood Attack
Author :
Jinson Zhang ; Mao Lin Huang
Author_Institution :
Sch. of Software, Univ. of Technol., Sydney, Sydney, NSW, Australia
Abstract :
Flood attacks are common forms of Distributed Denial-of-Service (DDoS) attack threats on internet in nature. This has necessitated the need for visual analysis within an intrusion detection system to identify these attacks. The challenges are how to increase the accuracy of detection and how to visualize and present flood attacks in networks for early detection. In this paper, we introduce three coefficients, which not only classify the behaviors of flood attacks, but also measure the system performance under those flood attacks: a) attack-density that patterns the characters of flood attack, b) system workload which represents the system capability in handling flood attack and c) the scalability to classify the impact level of the flood attack at victim site. A visual clustered method is used to display the DDoS flood attacks. The experimentation results are presented to demonstrate our new model significantly improves the accuracy of the detection of DDoS attacks and provides a better understanding of the nature of flood attacks on networks.
Keywords :
Internet; computer network security; data analysis; data visualisation; pattern classification; pattern clustering; DDoS attack; Internet; attack-density; distributed denial-of-service attack; flood attack behavior classification; intrusion detection; system workload; visual analytics model; visual clustered method; Analytical models; Computer crime; Floods; IP networks; Ports (Computers); Telecommunication traffic; Visualization; DDoS flood attack; Network security; attack density; attack scale; information visualization; workload;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on
Conference_Location :
Melbourne, VIC
DOI :
10.1109/TrustCom.2013.38
