Title :
Choosing parameters for detecting DDoS attack
Author_Institution :
Network Manage. Center, Neijiang Normal Univ., Neijiang, China
Abstract :
DDoS attack has always been a major threat for information security. Realizing the complexity and difficulty in dest-end detection, researchers have switched their focus on “source-end detection”. And CUSUM is considered an efficient method in source-end detection. However, there is no guidance about how to choose the parameters in CUSUM, which dramatically affect the performance of detections. So this article discusses and simulates the selection of these parameters, to provide reference for further research.
Keywords :
computer network security; statistical analysis; CUSUM; DDoS attack detection parameter; information security; source-end detection; Abstracts; Floods; Ports (Computers); CUSUM; DDoS; Pcap; SYN flood;
Conference_Titel :
Wavelet Active Media Technology and Information Processing (ICWAMTIP), 2012 International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4673-1684-2
DOI :
10.1109/ICWAMTIP.2012.6413483