User behaviour modelling based DDoS attack detection
| Title | User behaviour modelling based DDoS attack detection |
| Publication Type | Conference Paper |
| Year of Publication | 2014 |
| Authors | Cepheli, O., Buyukcorak, S., Kurt, G.K. |
| Conference Name | Signal Processing and Communications Applications Conference (SIU), 2014 22nd |
| Date Published | April |
| Keywords | Adaptation models, anomaly detection, Computer crime, computer network security, Conferences, DDoS, DDoS attack detection, destination IP traffic, distributed denial of service, EM, expectation maximization, human factors, IP networks, Mathematical model, network system, Signal processing, telecommunication traffic, user behaviour modelling, user modeling, user modelling |
| Abstract | Distributed Denial of Service (DDoS) attacks are one of the most important threads in network systems. Due to the distributed nature, DDoS attacks are very hard to detect, while they also have the destructive potential of classical denial of service attacks. In this study, a novel 2-step system is proposed for the detection of DDoS attacks. In the first step an anomaly detection is performed on the destination IP traffic. If an anomaly is detected on the network, the system proceeds into the second step where a decision on every user is made due to the behaviour models. Hence, it is possible to detect attacks in the network that diverges from users' behavior model. |
| DOI | 10.1109/SIU.2014.6830697 |
| Citation Key | 6830697 |
- expectation maximization
- user modelling
- user modeling
- user behaviour modelling
- telecommunication traffic
- signal processing
- network system
- Mathematical model
- IP networks
- Human Factors
- Adaptation models
- EM
- distributed denial of service
- destination IP traffic
- DDoS attack detection
- DDoS
- Conferences
- computer network security
- Computer crime
- Anomaly Detection