Volume 7 Number 10 (Oct. 2012)
Home > Archive > 2012 > Volume 7 Number 10 (Oct. 2012) >
JSW 2012 Vol.7(10): 2341-2348 ISSN: 1796-217X
doi: 10.4304/jsw.7.10.2341-2348

Correlation-based Detection of LDoS Attack

Wu Zhi-jun1, Wang Minghua2, Zhang Haitao3, and Liu Xingchen3

1School of Electronics & Information, Engineering, Civil Aviation University of China, Tianjin, China
2China Computer Emergency Response Term, Beijing, China
3School of Electronics & Information, Engineering, Tianjin University, Tianjin, China

Abstract—Low-rate Denial of Service (LDoS) attack and TCP flows are simulated in the time and frequency domain for the purpose of analyzing their signatures and extracting period T and duration L of LDoS attack, which are two correlative parameters used in the proposed detecting approach. In the correlation operation, the reference signal is the simulated traffic of LDoS attack, which are built based on the extracted parameters of T and L. The incoming signal is the hybrid signal (TCP flows plus Real LDoS attacks). A detect threshold is established to be compared with the results of correlation operation. If the correlation value exceeds the threshold, the LDoS attack is determined. The proposed method has been tested both in network simulation NS-2 platform and network testbed environment with different parameters of T and L. Experimental results show that the proposed approach reaches the good performance with higher detect rate PD , and lower false negative alarm rate PFN and false positive alarm rate PFP .

Index Terms—LDoS, correlation, detection, period, duration

[PDF]

Cite: Wu Zhi-jun,Wang Minghua,Zhang Haitao, and Liu Xingchen "Correlation-based Detection of LDoS Attack," Journal of Software vol. 7, no. 10, pp. 2341-2348, 2012.

General Information

ISSN: 1796-217X (Online)
Frequency:  Quarterly
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, CNKIGoogle Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsweditorialoffice@gmail.com
  • Mar 01, 2024 News!

    Vol 19, No 1 has been published with online version    [Click]

  • Jan 04, 2024 News!

    JSW will adopt Article-by-Article Work Flow

  • Apr 01, 2024 News!

    Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec)     [Click]

  • Apr 01, 2024 News!

    Papers published in JSW Vol 18, No 1- Vol 18, No 6 have been indexed by DBLP   [Click]

  • Nov 02, 2023 News!

    Vol 18, No 4 has been published with online version   [Click]