Detecting Bandwidth DDoS Attack with Control Charts

Author

Santos, Anderson Fernandes P ; Silva, Renato S.

Author_Institution

Inst. Mil. de Engenharia, Rio de Janeiro

fYear

2007

fDate

19-21 Nov. 2007

Firstpage

519

Lastpage

524

Abstract

The distributed denial of service, DDoS, is an internet-wide threat and can be identified in the initial phase through the anomalous behavior of the network traffic. We present a control chart theory approach for the problem of detection this kind of attack, it is designed for non-normal process and is based on the evaluation of estimators that have a minimal variance estimation process position and scattering, whatever the data distribution. We proposed an algorithm to identify the DDoS attacks analyzing these estimators behavior.

Keywords

Internet; control charts; estimation theory; statistical distributions; telecommunication control; telecommunication security; telecommunication traffic; Internet-wide threat; bandwidth DDoS attack detection; control chart theory; data distribution; distributed denial of service; minimal variance estimation process position; minimal variance estimation process scattering; network traffic anomalous behavior; nonnormal distribution; Bandwidth; Computer crime; Control charts; Databases; Intrusion detection; Laboratories; Phase detection; Process control; Testing; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

Networks, 2007. ICON 2007. 15th IEEE International Conference on

Conference_Location

Adelaide, SA

ISSN

1556-6463

Print_ISBN

978-1-4244-1230-3

Electronic_ISBN

1556-6463

Type

conf

DOI

10.1109/ICON.2007.4444140

Filename

4444140