Publication Type
Conference Proceeding Article
Version
publishedVersion
Publication Date
9-2008
Abstract
Threads posed by Distributed Denial of Service (DDoS) attacks are becoming more serious day by day. Accurately detecting DDoS becomes an important and necessary step in securing a computer network. However, Flash Event (FE), which is created by legitimate requests, shares very similar characteristics with DDoS in many aspects and makes it hard to be distinguished from DDoS attacks. In this paper, we propose a simple yet effective mechanism called FDD (FE and DDoS Distinguisher) to distinguish FE and DDoS. To the best of our knowledge, this is the first effective and practical mechanism that distinguishes FE and DDoS attacks. Our trace-driven evaluation shows that FDD distinguishes between FE and DDoS attacks accurately and efficiently by utilizing only memory of a very small size, making it possible to be implemented on high-speed networking devices.
Keywords
Network Security, Distributed Denial of Service, Flash Event, Randomness Check
Discipline
Information Security
Research Areas
Cybersecurity
Publication
Information security: 11th International Conference, ISC 2008, Taipei, Taiwan, September 15-18, Proceedings
Volume
5222
First Page
131
Last Page
145
ISBN
9783540858867
Identifier
10.1007/978-3-540-85886-7_9
Publisher
Springer
City or Country
Berlin
Citation
PARK, Hyundo; LI, Peng; GAO, Debin; LEE, Heejo; and DENG, Robert H..
Distinguishing between FE and DDoS using Randomness Check. (2008). Information security: 11th International Conference, ISC 2008, Taipei, Taiwan, September 15-18, Proceedings. 5222, 131-145.
Available at: https://ink.library.smu.edu.sg/sis_research/429
Copyright Owner and License
Publisher
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1007/978-3-540-85886-7_9