Lightweight DDoS flooding attack detection using NOX/OpenFlow
Top Cited Papers
- 1 October 2010
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- p. 408-415
- https://doi.org/10.1109/lcn.2010.5735752
Abstract
Distributed denial-of-service (DDoS) attacks became one of the main Internet security problems over the last decade, threatening public web servers in particular. Although the DDoS mechanism is widely understood, its detection is a very hard task because of the similarities between normal traffic and useless packets, sent by compromised hosts to their victims. This work presents a lightweight method for DDoS attack detection based on traffic flow features, in which the extraction of such information is made with a very low overhead compared to traditional approaches. This is possible due to the use of the NOX platform which provides a programmatic interface to facilitate the handling of switch information. Other major contributions include the high rate of detection and very low rate of false alarms obtained by flow analysis using Self Organizing Maps.Keywords
This publication has 15 references indexed in Scilit:
- Unifying Packet and Circuit Switched NetworksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2009
- Anormaly Intrusion Detection Based on SOMPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2009
- Grey self-organizing map based intrusion detectionOptoelectronics Letters, 2009
- Research on Intrusion Detection Based on an Improved SOM Neural NetworkPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2009
- Intrusion Detection System Using Self-Organizing MapsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2009
- Research on the Active DDoS Filtering Algorithm Based on IP FlowPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2009
- Efficient detection of DDoS attacks with important attributesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2008
- NOXACM SIGCOMM Computer Communication Review, 2008
- OpenFlowACM SIGCOMM Computer Communication Review, 2008
- Detecting denial of service attacks using emergent self-organizing mapsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2006