Paper Info
Title
Streaming Algorithms for Robust, Real-Time Detection of DDoS Attacks
Abstract
Effective mechanisms for detecting and thwarting Distributed Denial-of-Service (DDoS) attacks are becoming increasingly important to the success of today's Internet as a viable commercial and business tool. In this paper, we propose novel data-streaming algorithms for the robust, real-time detection of DDoS activity in large ISP networks. The key element of our solution is a new, hashbased synopsis data structure for network-data streams that allows us to efficiently track, in guaranteed small space and time, destination IP addresses in the underlying network that are "large" with respect to the number of distinct source IP addresses that have established potentially-malicious (e.g., "half-open") connections to them. Our work is the first to address the problem of efficiently tracking the top distinct-source frequencies over a general stream of updates (insertions and deletions) to the set of underlying network flows, thus enabling us to effectively distinguish between DDoS activity and flash crowds. Preliminary experimental results verify the effectiveness of our approach.
Year
DOI
Venue
2007
10.1109/ICDCS.2007.142
ICDCS
Keywords
Field
DocType
business tool,destination ip address,denial-of-service attacks,flash crowd,underlying network,real-time detection,general stream,ddos attacks,distinct source ip address,effective mechanism,underlying network flow,ddos activity,large isp network,real-time systems. technical area: data management.,data-streaming algorithms,streaming algorithms,ip networks,top-k frequencies,data management,real time systems,real time,tcpip,distributed denial of service,internet,data structure,ddos attack,frequency,business,robustness,cryptography,streaming algorithm,denial of service attack,data structures
Data structure,Streaming algorithm,Denial-of-service attack,Computer science,Trinoo,Internet protocol suite,Computer network,Robustness (computer science),Hash function,Distributed computing,The Internet
Conference
ISBN
Citations 
PageRank 
0-7695-2837-3
18
0.89
References 
Authors
22
4
Name
Order
Citations
PageRank
Sumit Ganguly1813236.01
Minos Garofalakis24904664.22
Rajeev Rastogi36151827.22
Krishan K. Sabnani41510286.64