Skip to main content
We gratefully acknowledge support from the Simons Foundation, member institutions, and all contributors. Donate
arXiv logo
Cornell University Logo

Computer Science > Networking and Internet Architecture

arXiv:1101.2715 (cs)
[Submitted on 14 Jan 2011]

Title:A Novel Mechanism for Detection of Distributed Denial of Service Attacks

Authors:Jaydip Sen
View PDF
Abstract:The increasing popularity of web-based applications has led to several critical services being provided over the Internet. This has made it imperative to monitor the network traffic so as to prevent malicious attackers from depleting the resources of the network and denying services to legitimate users. This paper has presented a mechanism for protecting a web-server against a distributed denial of service (DDoS) attack. Incoming traffic to the server is continuously monitored and any abnormal rise in the inbound traffic is immediately detected. The detection algorithm is based on a statistical analysis of the inbound traffic on the server and a robust hypothesis testing framework. While the detection process is on, the sessions from the legitimate sources are not disrupted and the load on the server is restored to the normal level by blocking the traffic from the attacking sources. To cater to different scenarios, the detection algorithm has various modules with varying level of computational and memory overheads for their execution. While the approximate modules are fast in detection and involve less overhead, they have lower detection accuracy. The accurate modules involve complex detection logic and hence involve more overhead for their execution, but they have very high detection accuracy. Simulations carried out on the proposed mechanism have produced results that demonstrate effectiveness of the scheme.
Comments: 11 pages, 5 tables. In Proceedings of the First International Conference on Computer Science and Information Technology (CCSIT 2011). Springer CCIS Series Vol 133, Advanced Computing, Part 3, pp. 247-257, Bangalore, 2011, India
Subjects: Networking and Internet Architecture (cs.NI)
Cite as: arXiv:1101.2715 [cs.NI]
  (or arXiv:1101.2715v1 [cs.NI] for this version)
  https://doi.org/10.48550/arXiv.1101.2715
Related DOI: https://doi.org/10.1007/978-3-642-17881-8_24

Submission history

From: Jaydip Sen [view email]
[v1] Fri, 14 Jan 2011 04:34:43 UTC (228 KB)
Full-text links:

Access Paper:

  • View PDF
  • Other Formats
view license
Current browse context:
cs.NI
< prev   |   next >
new | recent | 2011-01
Change to browse by:
cs

References & Citations

DBLP - CS Bibliography

listing | bibtex
Jaydip Sen
export BibTeX citation

Bookmark

BibSonomy logo Reddit logo

Bibliographic and Citation Tools

Bibliographic Explorer (What is the Explorer?)
Connected Papers (What is Connected Papers?)
Litmaps (What is Litmaps?)
scite Smart Citations (What are Smart Citations?)

Code, Data and Media Associated with this Article

alphaXiv (What is alphaXiv?)
CatalyzeX Code Finder for Papers (What is CatalyzeX?)
DagsHub (What is DagsHub?)
Gotit.pub (What is GotitPub?)
Hugging Face (What is Huggingface?)
Papers with Code (What is Papers with Code?)
ScienceCast (What is ScienceCast?)

Demos

Replicate (What is Replicate?)
Hugging Face Spaces (What is Spaces?)
TXYZ.AI (What is TXYZ.AI?)

Recommenders and Search Tools

Influence Flower (What are Influence Flowers?)
CORE Recommender (What is CORE?)

arXivLabs: experimental projects with community collaborators

arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.

Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.

Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs.

Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)