Deakin University
Browse

Adaptive clustering with feature ranking for DDoS attacks detection

Version 2 2024-06-04, 04:13
Version 1 2017-07-27, 13:12
conference contribution
posted on 2024-06-04, 04:13 authored by L Zi, John YearwoodJohn Yearwood, XW Wu
Distributed Denial of Service (DDoS) attacks pose an increasing threat to the current internet. The detection of such attacks plays an important role in maintaining the security of networks. In this paper, we propose a novel adaptive clustering method combined with feature ranking for DDoS attacks detection. First, based on the analysis of network traffic, preliminary variables are selected. Second, the Modified Global K-means algorithm (MGKM) is used as the basic incremental clustering algorithm to identify the cluster structure of the target data. Third, the linear correlation coefficient is used for feature ranking. Lastly, the feature ranking result is used to inform and recalculate the clusters. This adaptive process can make worthwhile adjustments to the working feature vector according to different patterns of DDoS attacks, and can improve the quality of the clusters and the effectiveness of the clustering algorithm. The experimental results demonstrate that our method is effective and adaptive in detecting the separate phases of DDoS attacks. © 2010 IEEE.

History

Pagination

281-286

Location

Melbourne, Vic.

Start date

2010-09-01

End date

2010-09-03

ISBN-13

9780769541594

Publication classification

EN.1 Other conference paper

Title of proceedings

Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010

Publisher

IEEE

Place of publication

Piscataway, N.J.

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC