DDoS discrimination by linear discriminant analysis (LDA)

Thapngam, Theerasak, Yu, Shui and Zhou, Wanlei 2012, DDoS discrimination by linear discriminant analysis (LDA), in ICNC 2012 : Proceedings of the 2012 International Conference on Computing, Networking and Communications, IEEE Computer Society, Los Alamitos, Calif., pp. 532-536, doi: 10.1109/ICCNC.2012.6167480.

Attached Files
Name Description MIMEType Size Downloads

Title DDoS discrimination by linear discriminant analysis (LDA)
Author(s) Thapngam, Theerasak
Yu, ShuiORCID iD for Yu, Shui orcid.org/0000-0003-4485-6743
Zhou, WanleiORCID iD for Zhou, Wanlei orcid.org/0000-0002-1680-2521
Conference name Computing, Networking and Communications. Conference (2012 : Maui, Hawaii)
Conference location Maui, Hawaii
Conference dates 30 Jan.-2 Feb. 2012
Title of proceedings ICNC 2012 : Proceedings of the 2012 International Conference on Computing, Networking and Communications
Editor(s) [Unknown]
Publication date 2012
Conference series Computing, Networking and Communications. Conference
Start page 532
End page 536
Total pages 5
Publisher IEEE Computer Society
Place of publication Los Alamitos, Calif.
Keyword(s) correlation coefficient
DDoS attacks
learning machine
Linear Discriminant Analysis
traffic patterns
Summary In this paper, we propose an effective approach with a supervised learning system based on Linear Discriminant Analysis (LDA) to discriminate legitimate traffic from DDoS attack traffic. Currently there is a wide outbreak of DDoS attacks that remain risky for the entire Internet. Different attack methods and strategies are trying to challenge defence systems. Among the behaviours of attack sources, repeatable and predictable features differ from source of legitimate traffic. In addition, the DDoS defence systems lack the learning ability to fine-tune their accuracy. This paper analyses real trace traffic from publicly available datasets. Pearson's correlation coefficient and Shannon's entropy are deployed for extracting dependency and predictability of traffic data respectively. Then, LDA is used to train and classify legitimate and attack traffic flows. From the results of our experiment, we can confirm that the proposed discrimination system can differentiate DDoS attacks from legitimate traffic with a high rate of accuracy.
ISBN 1467307238
Language eng
DOI 10.1109/ICCNC.2012.6167480
Field of Research 080503 Networking and Communications
Socio Economic Objective 890101 Fixed Line Data Networks and Services
HERDC Research category E1 Full written paper - refereed
Copyright notice ©2012, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30049228

Connect to link resolver
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 0 times in TR Web of Science
Scopus Citation Count Cited 13 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 491 Abstract Views, 7 File Downloads  -  Detailed Statistics
Created: Thu, 01 Nov 2012, 13:12:10 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.