Global Detection of DDoS Attack Based on Time and Frequency Analysis
Due to the complicated and distributed characters of DDoS attack, a novel detection DDoS method based on global network is presented in this paper. Our method detects DDoS by analyzing network-wide traffic, whereas the traditional methods detect it on single link or victim network, they can only detect the DDoS which show large scope. Our method was carried out as follows: First, we get network traffic matrix. Then we diagnose DDoS in time domain and frequency domain by K-L transformation and computing correlation coefficient. K-L divides time domain andfrequency domain sequence into normal space and abnormal space and then we compute the abnormal spaces correlation coefficient. Finally, we set threshold to detect DDoS attack. The simulation result shows that some DDoS could be detected in time domain but others could only be detected in frequency domain. This method is more accurate and faster than traditional ones. It is well suited for detecting earlier DDoS attack.
Luo Hua Hu Guang-min Yao Xing-miao
School of Communication and Information Engineering, University of Electronic Science and Technology of China Chengdu, 610054, Sichuan, China
国际会议
2007年通信、电路与系统国际会议(2007 International Conference on Communications,Circuits and Systems Proceedings)
日本福冈
英文
2007-07-11(万方平台首次上网日期,不代表论文的发表时间)