Title: Automatic detection of DDoS attacks to notification services

Authors: J. Jenny Li; Tony Savor

Addresses: Computer Science Department, Kean University, 1000 Morris Ave, Union NJ, USA ' Facebook, 1601 Willow Rd, Menlo Park, CA, USA

Abstract: A notification service alerts a large number of recipients to important or emergency events in a timely manner. A denial of service (DoS) attack inserts unnecessary traffic to slow down or chock the notification service and a distributed DoS (DDoS) comes from seemingly various sources. The challenge of automated detection of DDoS attacks lies in distinguishing attacks from temporary surge of normal notification traffic. This paper proposes an 'escalation hierarchy' method to detect such types of DDoS intrusions by monitoring performance degradation at various levels of social events. Our trial of the method on an industrial large-scale notification service showed the effectiveness of our method through automating both consistency checking of measurement data and identification of causes for performance degradation.

Keywords: notification service; combinatorial testing; covering array; DDoS attack.

DOI: 10.1504/IJIPSI.2017.086790

International Journal of Information Privacy, Security and Integrity, 2017 Vol.3 No.1, pp.1 - 17

Received: 21 Oct 2016
Accepted: 21 Dec 2016

Published online: 26 Sep 2017 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article