DDoSniffer: Detecting DDoS attack at the source agents Online publication date: Mon, 13-Jul-2009
by Vicky Laurens, Alexandre Miege, Abdulmotaleb El Saddik, Pulak Dhar
International Journal of Advanced Media and Communication (IJAMC), Vol. 3, No. 3, 2009
Abstract: Distributed Denial of Service (DDoS) attacks are an important and challenging security threat. Despite the existing defence mechanisms, attackers manage to build large sets of impersonated hosts. Our approach consists in detecting DDoS directly on these hosts. We classify ongoing attacks as connection attacks or bandwidth attacks. The former are defined as attacks that generate connections with four packets or fewer; the latter as attacks that create connections with traffic ratios larger than usual. We developed a software tool, DDoSniffer, which enforces those principles. We show that it is capable of detecting a broad range of attacks within seconds.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Advanced Media and Communication (IJAMC):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook