| Title | Improving Performance of Collaborative Source-Side DDoS Attack Detection |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Yeom, S., Kim, K. |
| Conference Name | 2020 21st Asia-Pacific Network Operations and Management Symposium (APNOMS) |
| Date Published | Sept. 2020 |
| Publisher | IEEE |
| ISBN Number | 978-89-950043-8-8 |
| Keywords | Collaboration, collaborative attack detection technique, collaborative source-side DDoS attack detection method, Collaborative Source-side detection, Communication networks, composability, Computer crime, computer network security, DDoS Attack, DDoS attack detection, denial-of-service attack, detecting performance, detection methods, distributed denial-of-service attacks, false positive rate, Human Behavior, individual attack detection, Metrics, Network security, pubcrawl, resilience, Resiliency, SDN IDPS, security, source-side Denial-of-Service, source-side detection, telecommunication traffic, weighted detection results |
| Abstract | Recently, as the threat of Distributed Denial-of-Service attacks exploiting IoT devices has spread, source-side Denial-of-Service attack detection methods are being studied in order to quickly detect attacks and find their locations. Moreover, to mitigate the limitation of local view of source-side detection, a collaborative attack detection technique is required to share detection results on each source-side network. In this paper, a new collaborative source-side DDoS attack detection method is proposed for detecting DDoS attacks on multiple networks more correctly, by considering the detecting performance on different time zone. The results of individual attack detection on each network are weighted based on detection rate and false positive rate corresponding to the time zone of each network. By gathering the weighted detection results, the proposed method determines whether a DDoS attack happens. Through extensive evaluation with real network traffic data, it is confirmed that the proposed method reduces false positive rate by 35% while maintaining high detection rate. |
| URL | https://ieeexplore.ieee.org/document/9237014/ |
| DOI | 10.23919/APNOMS50412.2020.9237014 |
| Citation Key | yeom_improving_2020 |
Improving Performance of Collaborative Source-Side DDoS Attack Detection