QUT ePrints

Ensemble-based DDoS detection and mitigation model

Bhatia, Sajal, Schmidt, Desmond, & Mohay, George M. (2012) Ensemble-based DDoS detection and mitigation model. In 2012 Fifth International Conference On Security of Information and Networks, Jaipur, India, pp. 79-86.

View at publisher

Abstract

This work-in-progress paper presents an ensemble-based model for detecting and mitigating Distributed Denial-of-Service (DDoS) attacks, and its partial implementation. The model utilises network traffic analysis and MIB (Management Information Base) server load analysis features for detecting a wide range of network and application layer DDoS attacks and distinguishing them from Flash Events. The proposed model will be evaluated against realistic synthetic network traffic generated using a software-based traffic generator that we have developed as part of this research. In this paper, we summarise our previous work, highlight the current work being undertaken along with preliminary results obtained and outline the future directions of our work.

Impact and interest:

1 citations in Scopus
Search Google Scholar™
1 citations in Web of Science®

Citation countsare sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

Full-text downloads:

226 since deposited on 01 Nov 2012
113 in the past twelve months

Full-text downloadsdisplays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.

ID Code: 54505
Item Type: Conference Paper
Keywords: DDoS attacks, Network Traffic Analysis, Flash Events, Modelling, Synthetic Traffic Generation, MIB Data Analysis
DOI: 10.1145/2388576.2388587
ISBN: 9781450316682
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Computer System Security (080303)
Divisions: Current > Schools > School of Electrical Engineering & Computer Science
Past > Institutes > Information Security Institute
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2012 ACM
Copyright Statement: Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.
Deposited On: 02 Nov 2012 08:24
Last Modified: 20 Feb 2013 19:52

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page