Title: A multi scale approach to distinguish flash crowds from PDDoS attacks

Authors: Gagandeep Kaur; Vikas Saxena; J.P. Gupta

Addresses: Department of CSE and IT, Jaypee Institute of Information Technology, Noida, UP 201309, India ' Department of CSE and IT, Jaypee Institute of Information Technology, Noida, UP 201309, India ' Office of VC, Sharda University, Greater Noida, UP 201306, India

Abstract: The distributed denial of service attacks have become more sophisticated. The new pulsating denial of service attacks have been found to be heavily damaging to the users and servers. The legitimate flash events have similarity with pulsating distributed denial of service attacks. The presence of self-similarity in computer network traffic has introduced a newer dimension in techniques being developed for anomaly detection in aggregated network traffic. We have tried to use wavelets to distinguish between flash events and pulsating distributed denial of service attacks. Secondly, for any network administrator it is always easier to identify irregularity in the traffic through images therefore we have developed multi-resolution analysis map to represent our attack detection mechanism.

Keywords: self similarity; wavelets; pulsating distributed DoS; denial of service; DDoS; PDDoS; flash events; DoS attacks; anomaly detection; multi-resolution analysis maps; attack detection.

DOI: 10.1504/IJICT.2014.060401

International Journal of Information and Communication Technology, 2014 Vol.6 No.2, pp.213 - 238

Accepted: 25 Oct 2013
Published online: 13 Apr 2014 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article