Deakin home > Deakin University Library > Deakin Research Online > DDoS discrimination by linear discriminant analysis (LDA)

DDoS discrimination by linear discriminant analysis (LDA)

Thapngam, Theerasak, Yu, Shui and Zhou, Wanlei 2012, DDoS discrimination by linear discriminant analysis (LDA), in ICNC 2012 : Proceedings of the 2012 International Conference on Computing, Networking and Communications, IEEE Computer Society, Los Alamitos, Calif., pp. 532-536.

Attached Files (Some files may be inaccessible until you login with your Deakin Research Online credentials)
Name Description MIMEType Size Downloads

Title DDoS discrimination by linear discriminant analysis (LDA)
Author(s) Thapngam, Theerasak
Yu, Shui
Zhou, Wanlei
Conference name Computing, Networking and Communications. Conference (2012 : Maui, Hawaii)
Conference location Maui, Hawaii
Conference dates 30 Jan.-2 Feb. 2012
Title of proceedings ICNC 2012 : Proceedings of the 2012 International Conference on Computing, Networking and Communications
Editor(s) [Unknown]
Publication date 2012
Conference series Computing, Networking and Communications. Conference
Start page 532
End page 536
Total pages 5
Publisher IEEE Computer Society
Place of publication Los Alamitos, Calif.
Keyword(s) correlation coefficient
DDoS attacks
entropy
learning machine
Linear Discriminant Analysis
traffic patterns
Summary In this paper, we propose an effective approach with a supervised learning system based on Linear Discriminant Analysis (LDA) to discriminate legitimate traffic from DDoS attack traffic. Currently there is a wide outbreak of DDoS attacks that remain risky for the entire Internet. Different attack methods and strategies are trying to challenge defence systems. Among the behaviours of attack sources, repeatable and predictable features differ from source of legitimate traffic. In addition, the DDoS defence systems lack the learning ability to fine-tune their accuracy. This paper analyses real trace traffic from publicly available datasets. Pearson's correlation coefficient and Shannon's entropy are deployed for extracting dependency and predictability of traffic data respectively. Then, LDA is used to train and classify legitimate and attack traffic flows. From the results of our experiment, we can confirm that the proposed discrimination system can differentiate DDoS attacks from legitimate traffic with a high rate of accuracy.
ISBN 9781467307239
9781467300087
Language eng
Field of Research 080503 Networking and Communications
Socio Economic Objective 890101 Fixed Line Data Networks and Services
HERDC Research category E1 Full written paper - refereed
Copyright notice ©2012, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30049228

Document type: Conference Paper
Collection: School of Information Technology
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in Deakin Research Online is owned by the author, with all rights reserved.

Versions
Version Filter Type
Access Statistics: 20 Abstract Views, 3 File Downloads  -  Detailed Statistics
Created: Thu, 01 Nov 2012, 13:12:10 EST