Vestnik Udmurtskogo Universiteta. Matematika. Mekhanika. Komp'yuternye Nauki
RUS  ENG    JOURNALS   PEOPLE   ORGANISATIONS   CONFERENCES   SEMINARS   VIDEO LIBRARY   PACKAGE AMSBIB  
General information
Latest issue
Archive
Impact factor

Search papers
Search references

RSS
Latest issue
Current issues
Archive issues
What is RSS



Vestn. Udmurtsk. Univ. Mat. Mekh. Komp. Nauki:
Year:
Volume:
Issue:
Page:
Find






Personal entry:
Login:
Password:
Save password
Enter
Forgotten password?
Register


Vestnik Udmurtskogo Universiteta. Matematika. Mekhanika. Komp'yuternye Nauki, 2018, Volume 28, Issue 3, Pages 407–418
DOI: https://doi.org/10.20537/vm180310
(Mi vuu647)
 

This article is cited in 5 scientific papers (total in 5 papers)

COMPUTER SCIENCE

Detecting DDoS attacks by analyzing the dynamics and interrelation of network traffic characteristics

A. E. Krasnov, E. N. Nadezhdin, D. N. Nikol'skii, D. S. Repin, V. S. Galyaev

State Institute of Information Technologies and Telecommunications, ul. Chasovaya, 21B, Moscow, 125315, Russia
Full-text PDF (239 kB) Citations (5)
References:
Abstract: This paper presents an improved approach previously developed by the authors for detection of DDoS attacks. It uses traffic evolution and dynamical operators, which makes it possible to take into consideration interrelations observed for data packets headers of traffic. It is assumed that each traffic state (normal state and anomalous attacked states) can be described by unique temporal patterns of characteristics generated by unknown linear dynamical operators. Interrelations between values of network traffic characteristics in different discrete time samples are determined by the evolution operator. The approach was applied for classification of three traffic states: normal and two abnormal (HTTP flood and SlowLoris DDoS attacks). The results prove that it is possible to distinguish normal and abnormal traffic states by hash functions of address and load fields of traffic data packets.
Keywords: network traffic, DDoS attack, detection, dynamical operator, evolution operator, hash function, classification.
Funding agency Grant number
Ministry of Education and Science of the Russian Federation RFMEFI57817X0261
The work was supported by the Ministry of Education and Science of Russian Federation by lot code 2017-14-579-0002 on the topic: “The development of effective algorithms for detection network attacks based on identifying of deviations in the traffic of extremely large volumes arriving at the border routers of the data network and creating a sample of software complex for detection and prevention of information security threats aimed at denial of service”. The unique identifier of the work (project) is RFMEFI57817X0261.
Received: 15.06.2018
Bibliographic databases:
Document Type: Article
UDC: 517.28, 530.181
MSC: 90B20, 47A62
Language: Russian
Citation: A. E. Krasnov, E. N. Nadezhdin, D. N. Nikol'skii, D. S. Repin, V. S. Galyaev, “Detecting DDoS attacks by analyzing the dynamics and interrelation of network traffic characteristics”, Vestn. Udmurtsk. Univ. Mat. Mekh. Komp. Nauki, 28:3 (2018), 407–418
Citation in format AMSBIB
\Bibitem{KraNadNik18}
\by A.~E.~Krasnov, E.~N.~Nadezhdin, D.~N.~Nikol'skii, D.~S.~Repin, V.~S.~Galyaev
\paper Detecting DDoS attacks by analyzing the dynamics and interrelation of network traffic characteristics
\jour Vestn. Udmurtsk. Univ. Mat. Mekh. Komp. Nauki
\yr 2018
\vol 28
\issue 3
\pages 407--418
\mathnet{http://mi.mathnet.ru/vuu647}
\crossref{https://doi.org/10.20537/vm180310}
\elib{https://elibrary.ru/item.asp?id=35645990}
Linking options:
  • https://www.mathnet.ru/eng/vuu647
  • https://www.mathnet.ru/eng/vuu/v28/i3/p407
  • This publication is cited in the following 5 articles:
    Citing articles in Google Scholar: Russian citations, English citations
    Related articles in Google Scholar: Russian articles, English articles
    Вестник Удмуртского университета. Математика. Механика. Компьютерные науки
    Statistics & downloads:
    Abstract page:378
    Full-text PDF :202
    References:50
     
      Contact us:
     Terms of Use  Registration to the website  Logotypes © Steklov Mathematical Institute RAS, 2024