Research Papers Library

Discriminating drdos packets using time interval analysis

The Distributed Reflection Denial of Service (DRDoS) attack represents a critical security threat. As such attacks generate unidirectional traffic, it is difficult for the targets to protect themselves. To mitigate against such attacks, defense mechanisms must be installed on backbone networks, to detect and block the attack traffic before it reaches the final destination. Conventional approaches monitor the traffic volume, and assume that an attack is in progress if the observed volume exceeds a certain threshold. However, this simple approach allows the attacker to evade detection by adjusting the traffic volume. In this study, we proposed a novel approach that accurately detects DRDoS attacks using the time intervals between the arriving packets. We applied a K-means clustering algorithm to identify the appropriate threshold value. The proposed algorithm was implemented at a real data center, and the results demonstrated the high level of accuracy that our approach can achieve.

Download PDF


World's leading professional association of Internet Research Specialists - We deliver Knowledge, Education, Training, and Certification in the field of Professional Online Research. The AOFIRS is considered a major contributor in improving Web Search Skills and recognizes Online Research work as a full-time occupation for those that use the Internet as their primary source of information.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.