A DoS Detection Method Based on Composition Self-Similarity |
Jian-Qi, Zhu
(College of Computer Science and Technology, Key Laboratory of Symbolic Computation and Knowledge Engineering of Ministry of Education, Jilin University)
Feng, Fu (College of Computer Science and Technology, Key Laboratory of Symbolic Computation and Knowledge Engineering of Ministry of Education, Jilin University) Kim, Chong-Kwon (School of Computer Science and Engineering, Seoul National University) Ke-Xin, Yin (College of Software, Changchun University of Technology) Yan-Heng, Liu (College of Computer Science and Technology, Key Laboratory of Symbolic Computation and Knowledge Engineering of Ministry of Education, Jilin University) |
1 | J Mirkovic and P Reiher, "A taxonomy of DDoS attack and DDoS defense mechanisms," ACM SIGCOMM Computer Communications Review, vol.34, no.2, pp.39-53, Apr.2004. DOI ScienceOn |
2 | S.Kumar and E.H.Spafford, "A software architecture to support misuse intrusion detection," in Proc. of 18th National Information Security Conference , pp.194-204, Oct.1995. |
3 | K.Ilgun, R.A.Kemmerer and P.A. Porras, "State transition analysis: a rule-based intrusion detection approach," IEEE transactions on software engineering, vol.21, no.3, pp.181-199, Mar.1995. DOI ScienceOn |
4 | T.Lunt, A.Tamaru, F.Gilham, R.Jagannathan, P.Neumann, H.Javitz, A.Valdes and T.Garvey, "A real-time intrusion detection expert system (IDES)-final technical report," Computer science library, SRI International, Menlo Park, California, Feb.1992. |
5 | Leland et al., "On the self-similar nature of Ethernet traffic (extended version)," IEEE/ACM Transactions of Networking, vol.2, no.1, pp.1-15, Feb.1994. DOI ScienceOn |
6 | W.H. Allen and G.A. Marin, "The loss technique for detecting new Denial of Service attacks," in Proc. of Southeast Conference, pp.302-309, Mar.2004. |
7 | Y. Xiang, Y. Lin, W.L. Lei and S.J. Huang, "Detecting DDoS attack based on network self-similarity," in Proc. of IEEE Communications, vol.151, no.3, pp.292-295, Jun.2004. DOI ScienceOn |
8 | Ming Li, "Change trend of averaged Hurst parameter of traffic under DDoS flood attacks," Computers & Security, vol.25, no.3, pp.213-220, May.2006. DOI ScienceOn |
9 | Lawniczak AT, Wu H and Di Stefan BN, "Detection of anomalous packet traffic via entropy," in Proc. of 22nd IEEE Canadian Conference on Electrical and Computer Engineering, pp.137-141, May.2009. |
10 | Lakhina A, Crovella M and Diot C, "Mining anomalies using traffic feature distributions," Computer Communication Review, vol.35, no.4, pp.217-228, Oct.2005. DOI ScienceOn |
11 | E. Earl Eiland and Lorie M. Liebrock, "An application of information theory to intrusion detection," in Proc. of 4th IEEE International Workshop on Information Assurance, pp.119-134, Apr. 2006. |
12 | Nychis G, Sekar V and Andersen DG, "An empirical evaluation of entropy-based traffic anomaly detection," in Proc. of 8th ACM SIGCOMM Internet Measurement Conference, pp.151-156, 2008. |
13 | Rahmani H, Sahli N and Kammoun F, "Joint entropy analysis model for DDoS attack Detection," in Proc. of 5th International Conference on Information Assurance and Security, pp.267-271, Aug.2009. |
14 | Thomas M and Joy A, Elements of Information Theory, John Wiley & Sons Inc., New York, 2006. |
15 | Xiang Li and G. Chen, "A local-world evolving network model," Physical A, vol.328, no.1-2, pp.274-286, Oct.2003. DOI ScienceOn |
16 | Park C, Hernandez-Campos F and Le L, et al, "Long-range dependence analysis of Internet traffic," Journal of Applied Statistics, vol.38, no.7, pp.1407-1433, 2011. DOI ScienceOn |