Deakin home > Deakin University Library > Deakin Research Online > Classifying DDoS packets in high-speed networks
Openly accessible

Classifying DDoS packets in high-speed networks

Xiang, Yang and Zhou, Wanlei 2006, Classifying DDoS packets in high-speed networks, International journal of computer science and network security, vol. 6, no. 2B, pp. 107-115.

Document type: Journal Article
Collections: School of Engineering and Information Technology
Open Access Collection
Attached Files (Some files may be inaccessible until you login with your Deakin Research Online credentials)
Name Description MIMEType Size Downloads
xiang-classifyingddos-2006.pdf Published version application/pdf 276.19KB 9

Title Classifying DDoS packets in high-speed networks
Author(s) Xiang, Yang
Zhou, Wanlei
Journal name International journal of computer science and network security
Volume number 6
Issue number 2B
Start page 107
End page 115
Publisher International Journal of Computer Science and Network Security
Place of publication Republic of Korea
Publication date 2006
ISSN 1738-7906
Keyword(s) DDoS attacks
packet classification
high-speed network
intrusion detection
Summary Recently high-speed networks have been utilized by attackers as Distributed Denial of Service (DDoS) attack infrastructure. Services on high-speed networks also have been attacked by successive waves of the DDoS attacks. How to sensitively and accurately detect the attack traffic, and quickly filter out the attack packets are still the major challenges in DDoS defense. Unfortunately most current defense approaches can not efficiently fulfill these tasks. Our approach is to find the network anomalies by using neural network and classify DDoS packets by a Bloom filter-based classifier (BFC). BFC is a set of spaceefficient data structures and algorithms for packet classification. The evaluation results show that the simple complexity, high classification speed and accuracy and low storage requirements of this classifier make it not only suitable for DDoS filtering in high-speed networks, but also suitable for other applications such as string matching for intrusion detection systems and IP lookup for programmable routers.
Notes
Every reasonable effort has been made to ensure that permission has been obtained for items included in Deakin Research Online. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au
Language eng
Field of Research 080503 Networking and Communications
Socio Economic Objective 970108 Expanding Knowledge in the Information and Computing Sciences
HERDC Research category C1 Refereed article in a scholarly journal
Copyright notice ©2005, International Journal of Computer Science and Network Security
Persistent URL http://hdl.handle.net/10536/DRO/DU:30003911
Connect to link resolver
 
Link to Related Work
 
Unless expressly stated otherwise, the copyright for items in Deakin Research Online is owned by the author, with all rights reserved.

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.

Versions
Version Filter Type
Access Statistics: 440 Abstract Views, 9 File Downloads  -  Detailed Statistics
Created: Mon, 07 Jul 2008, 09:06:43 EST