CLASSIFYING DDOS ATTACKS BY HIERARCHICAL CLUSTERING BASED ON SIMILARITY
As research on detecting and defending against Distributed Denial of Service (DDoS) attacks progresses, researchers constantly advance network security systems, and attackers in turn improve their tools to survive new security systems. Both the variety and the sophistication of DDoS attack tools are growing rapidly. Therefore, an abstract, formalized description and taxonomy are needed to identify and classify existing attack tools and their later versions. The taxonomy should also be scalable so that it can deal with new attacks. This paper proposes a novel, abstract method for describing DDoS attacks using a characteristic tree and three-tuple, and introduces an original, formalized taxonomy based on similarity and the hierarchical clustering method. The taxonomy is evaluated by classifying 12 real DDoS attack tools. The results show that it classifies complicated attack samples accurately. In addition, it is important for developing realistic models for DDoS simulation and for performing attack detection and analysis as a plug-in. It can also be packaged as an automated tool to aid rapid response to DDoS attacks.
DDoS attack; formalized taxonomy; similarity; Hierarchical Clustering
JIAN KANG, YUAN ZHANG, JIU-BIN JU
Department of Computer Science & Technology, Jilin University, Changchun, 130012, China
International conference
2006 International Conference on Machine Learning and Cybernetics (IEEE Fifth Forum on Machine Learning and Cybernetics)
Dalian
English
2712-2717
2006-08-13 (date first posted online on the Wanfang platform; does not represent the paper's publication date)