• DocumentCode
    3348961
  • Title

    Detecting DDoS Attack Based on Empirical Mode Decomposition

  • Author

    Wang, Xiujuan ; Zheng, Kangfeng

  • Author_Institution
    Coll. of Comput. Sci., Beijing Univ. of Technol., Beijing, China
  • fYear
    2011
  • fDate
    21-23 Oct. 2011
  • Firstpage
    483
  • Lastpage
    486
  • Abstract
    The paper proposes to apply Empirical Mode Decomposition (EMD) to network traffic signal. Then the corresponding intrinsic mode functions (IMFs) are obtained to calculate their Hurst index based on which the influence to the IMF Hurst after DDoS attack was analyzed. Finally, it makes a judgment on whether a DDoS attack happened or not by solving the IMF Hurst index of the unsure sequence. Experimental results show that, compared with the original signal Hurst index assay, this method can increase detection precision and CI, reduce the rate of false positives and false negative. The method behaves well in distinguishing attacked traffic from normal ones.
  • Keywords
    computer network security; functions; DDoS attack detection; IMF Hurst index; empirical mode decomposition; intrinsic mode functions; network traffic signal; Computer crime; Computers; Educational institutions; Indexes; Internet; Monitoring; Telecommunication traffic; DDoS detection; Empirical Mode Decomposition (EMD); intrinsic mode function; self-similarity;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Instrumentation, Measurement, Computer, Communication and Control, 2011 First International Conference on
  • Conference_Location
    Beijing
  • Print_ISBN
    978-0-7695-4519-6
  • Type

    conf

  • DOI
    10.1109/IMCCC.2011.126
  • Filename
    6154151
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3348961