Title :
DDoS Attack Detection Based on RLT Features
Author :
Xu, Tu ; He, Dake ; Luo, Yu
Abstract :
To use SVM to detect DDoS precisely, the features vector that can distinguish normal stream from attack stream is required. According to the characters of DDoS, a group of relative values features (RLT features) are proposed. For indicating the existence and intensity of DDoS attack simultaneously, multi-class SVM (MCSVM) is introduced to DDoS detection. As shown in the emulation experiments, our method can detect various DDoS attacks effectively and indicate the attack intensity. The detection result is better than other present detection measures. Because RLT features include more attack information than the detection measures using single attack character, a better detection result is available.
Keywords :
Computational intelligence; Computer crime; Computer vision; Helium; Information science; Information security; Machine learning algorithms; Support vector machine classification; Support vector machines; Training data;
Conference_Titel :
Computational Intelligence and Security, 2007 International Conference on
Conference_Location :
Harbin
Print_ISBN :
0-7695-3072-9
Electronic_ISBN :
978-0-7695-3072-7
DOI :
10.1109/CIS.2007.56
