D-FACE: An anomaly based distributed approach for early detection of DDoS attacks and flash events. (1st June 2018)
- Record Type:
- Journal Article
- Title:
- D-FACE: An anomaly based distributed approach for early detection of DDoS attacks and flash events. (1st June 2018)
- Main Title:
- D-FACE: An anomaly based distributed approach for early detection of DDoS attacks and flash events
- Authors:
- Behal, Sunny
Kumar, Krishan
Sachdeva, Monika
- Abstract:
- Abstract: In the present computer era, though the Internet-based applications are the driving force of social evolution, yet its architectural vulnerabilities proffer plethoric leisure to the attackers for conquering diversity of attacks on its services. Distributed Denial of Service (DDoS) is one of such prominent attack that constitutes a lethal threat to Internet domain that harnesses its computing and communication resources. Despite the presence of enormous defense solutions, ensuring the security and availability of data, resources, and services to end users remains an ongoing research challenge. In addition, the increase in network traffic rates of legitimate traffic and flow similarity of attack traffic with legitimate traffic has further made DDoS problem more crucial. The current research has deployed DDoS defense solutions primarily at the victim-end because of the inherent advantages of easy deployment and availability of complete attack information. However, the huge network traffic volume generated by DDoS attacks and lack of sufficient computational resources at the victim-end makes defense solution itself vulnerable to these attacks. This paper proposes an ISP level distributed, flexible, automated, and collaborative (D-FACE) defense system which not only distributes the computational and storage complexity to the nearest point of presence (PoPs) routers but also leads to an early detection of DDoS attacks and flash events (FEs). The results show that D-FACE defense system outperformed the existing Entropy-based systems on various defense system evaluation metrics.
Graphical abstract: An ISP level distributed approach for early detection of DDoS attacks and Flash Events, Sunny Behal, Krishan Kumar, Monika Sachdeva Journal of Network and Computer Applications.
Highlights: Generalized entropy based DFACE defense system for DDoS attacks and FEs is proposed. D-FACE distribute computational and memory overheads to multiple PoPs of an ISP. D-FACE is flexible as it can continue to work in case some of the PoPs did not reported in time. D-FACE is un-interruptible despite the presence of DDoS attacks and FEs. D-FACE outperformed existing entropy based systems on various evaluation metrics.
- Is Part Of:
- Journal of network and computer applications. Volume 111(2018)
- Journal:
- Journal of network and computer applications
- Issue:
- Volume 111(2018)
- Issue Display:
- Volume 111, Issue 2018 (2018)
- Year:
- 2018
- Volume:
- 111
- Issue:
- 2018
- Issue Sort Value:
- 2018-0111-2018-0000
- Page Start:
- 49
- Page End:
- 63
- Publication Date:
- 2018-06-01
- Subjects:
- Network security -- DDoS attacks -- Flash events -- Entropy -- Information distance
Microcomputers -- Periodicals
Computer networks -- Periodicals
Application software -- Periodicals
Micro-ordinateurs -- Périodiques
Réseaux d'ordinateurs -- Périodiques
Logiciels d'application -- Périodiques
Application software
Computer networks
Microcomputers
Periodicals
004.05
004
- Journal URLs:
- http://www.sciencedirect.com/science/journal/10848045
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.jnca.2018.03.024
- Languages:
- English
- ISSNs:
- 1084-8045
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 5021.410600
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 6301.xml