
DDoS Detection with Daubechies

  • Conference paper

Part of the book series: Communications in Computer and Information Science (CCIS, volume 306)

Abstract

Nowadays the Internet has become the common man's communication channel, and as a result ensuring security at all levels has become tedious. Denial of Service (DoS) attacks have grown to give rise to Distributed Denial of Service (DDoS) attacks. Because of the open access of the Internet, software tools for generating bots are easily available, which has increased the span of DDoS. The traditional methods of DDoS detection fail to detect this emerging breed of attacks. In the recent past, Shannon entropy analysis has been used to detect intrusions in computer networks. Shannon entropy, however, is limited in that it fails to detect attacks of very short duration. The generalized form, non-extensive Tsallis entropy, has been tested to look into the weaknesses of Shannon entropy. Secondly, there has been growth in the application of wavelets to signal processing. By their inherent nature, wavelets beautifully capture the nature of traffic at multiple scales. We have used Daubechies wavelets to measure Tsallis entropy with different moments and have detected the sudden changes induced in the traffic pattern by DDoS attacks.




Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kaur, G., Saxena, V., Gupta, J.P. (2012). DDoS Detection with Daubechies. In: Parashar, M., Kaushik, D., Rana, O.F., Samtaney, R., Yang, Y., Zomaya, A. (eds) Contemporary Computing. IC3 2012. Communications in Computer and Information Science, vol 306. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32129-0_40


  • DOI: https://doi.org/10.1007/978-3-642-32129-0_40

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-32128-3

  • Online ISBN: 978-3-642-32129-0

  • eBook Packages: Computer Science, Computer Science (R0)
