Affiliation:
1. School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China
2. Key Laboratory of Computer Network and Information Integration, Southeast University, Ministry of Education, Nanjing 21189, China
Abstract
As network scale and network topology change greatly, DDoS attack detection becomes significantly more difficult. Most previously proposed methods rarely consider real-time performance, adaptive ability, and other practical issues that arise in real-world network attack detection environments. In this paper, we propose RT-SAD, a real-time adaptive DDoS attack detection method based on the response to the external network when attacked. We design a sketch-based feature extraction method and an adaptive updating algorithm, which make the method suitable for high-speed network environments. Experimental results show that our method can detect DDoS attacks using sampled NetFlow in a high-speed network environment, with good real-time performance, low resource consumption, and high detection accuracy.
Funder
Ministry of Education of China and China Mobile
Subject
Computer Networks and Communications, Information Systems